{"report_id":"7fe82ccd-20cf-4b35-80b6-b28e31878947","version":6,"status":"done","tags":[],"date":"2026-04-21T18:10:01Z","url":{"schema":"http","addr":"aiinvest-tw.co","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"104.21.87.107","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"aiinvest-tw.co/#/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"title":"Aiinvest: One-Stop Global Investment Platform | Forex | Commodities | Stocks | Indices | Cryptocurrencies | Gold | Oil","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"aiinvest-tw.co","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"104.21.87.107","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-26T18:10:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-21T18:09:46Z","timestamp":1776794986,"ip_dst":{"addr":"47.79.64.253","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":35190,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-21T18:09:46.655355+0000\",\"flow_id\":1883299092520762,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":35190,\"dest_ip\":\"47.79.64.253\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-04-21T18:09:46.089914+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-21T18:09:46Z","timestamp":1776794986,"ip_dst":{"addr":"47.79.64.253","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":35202,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-21T18:09:46.889062+0000\",\"flow_id\":1450405043779097,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":35202,\"dest_ip\":\"47.79.64.253\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-04-21T18:09:46.341529+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"aiinvest-tw.co","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":113,"request_count":113,"received_data":15015250,"sent_data":48279,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.253","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-02-12T08:38:00.929095Z","last_seen":"2026-04-16T15:48:45.008222Z","alert_count":0,"request_count":1,"received_data":3102,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Register-7dbCJJN--cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6741c2f59aafca7f3a43b0c26e34f520","sha1":"9c798de5e173ca92003b0833981532b46921e015","sha256":"e895fe8b07aaa1fcf11d2ddc11b56078b0a982566de2b2cc52500727e7344128","sha512":"7174a0084e5c896eb3827fe89fe74bfa5f9b26a83b1cef065bc3615d7ea0dfaefd522f5c9e96c07c6e823afb3c42b65bef37e1eaffb1869567d9d7fd831a5f51","ssdeep":"384:GhN6umz4k7mm+rwmee5dk5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792C:GhNpmMk7aF5i5s5TUZ5pyVjnjXYn0D9V","tlshash":"7782778cb1519bfaab7b9430f4476930682c4f5fc463c4f6e6e88c35a79ec71a51423a","size":18539,"data":"","first_seen":"2026-04-21T18:10:22.452276Z","last_seen":"2026-04-21T18:12:11.744808Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-BPcXN58c-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"9a86059f9465e8f1129530a4b7d12124","sha1":"50f3b5ae067ee54ab478aa06a55972d8bbef11b3","sha256":"a91d45d3b83c37e06ccdb75b0eb628d7ba6f1e47bde6cb086a052360deeaa33f","sha512":"147c575bd256035010eaffabfff90cfe25e7f595bb65b2e6e9a32305985af05cdb7968b1c22cba6c20392eedf52bea0e2ec0780f75cc417c09474bb54e3f345b","ssdeep":"768:2ievlM82K8nfNtfWeg8s2qlLlWYuG13tfhlgbXXh4FgXG1aj:kdM82dPsH9YV","tlshash":"ea03842cb012cfbed663293062ad1994e1497fe9c526c80af1bd18233bc7ff05a56765","size":41123,"data":"","first_seen":"2026-04-21T18:10:22.455515Z","last_seen":"2026-04-21T18:12:11.722195Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9365bf3f6ebf6dad39024c571631184e","sha1":"7d3bfec9a2fe4c3662062deb238c7825c18e011a","sha256":"42f0f9cf3edfe892cf903ec6acc1d2c17d067b9fd7909f3c8c33926e059fc5ca","sha512":"a8605368914611ee37dd6ca23631cd29a40841354d2fc52c7260699c9367e94f7357122bc612d96815c0121f07af0b2e61ecd1307d11dbc372ef6037da2c0191","ssdeep":"192:rKZo0Ce1iqX15DM4p46HSBfsaw3ChJQy4c4UFeeINm:ruocj7dm","tlshash":"d102828e6deb22359aa3303a27ff7119b2398113058ade107c4d93485f9063546bbbdd","size":8315,"data":"","first_seen":"2026-04-21T18:10:22.480162Z","last_seen":"2026-04-21T18:12:11.800852Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"001ae4ff85de6b82c7e2b0c2bff98719","sha1":"8b4031754e8c8cb19f411044d20272ddde41addc","sha256":"5f3a23f29be87e8b9a3d635a96ca6194c6b5ad95d798af80cf3373af2c15aa5b","sha512":"ef63f776fec73b84edca74d6565da84937453691963e501e751fbc78bab3a5c31f0dbd8760c32c095a5ffcffd83baa394902382a7ab0afc6d9c709bc9ff2026a","ssdeep":"384:vn06Ipe3z0dwtRI6KYcWlekhLs+2XXueuGGyzRE4izwwRAFLKyIJj3TxPZgTkEzu:fF9DPhA+2ueu5AZJNKyWL12oAIvXh19","tlshash":"7f43f8a6b9e71134f623607ea3afa24d3835c407810ade207e5c5365afc16a64375bec","size":58839,"data":"","first_seen":"2026-04-21T18:10:22.481284Z","last_seen":"2026-04-21T18:12:11.804403Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Login-ojQMD-4G-cf20260409.js?v=20260409-nowallet2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4840af77c0014b932ba5b29afbaf05d7","sha1":"7b15734fdabcebc69ce86b0c2da99b3200d80183","sha256":"4e61fe1f4bb3001345ba05bf680c1a3c5c0aff8d9f09837d821be85b3a45cc19","sha512":"6624b75f28d7a016571d4926983356cbd6a52655ff5094c83334a07b362de7fd92433588e1c972183f3a2864ade8fb88f64d84da9ec68c7e92f101cc79e72014","ssdeep":"384:AYBaOqAooej4pyYd4QEj8E68E5rSoPzUrC1VDHizY2e1btwA:kAs84KEIEzEj7aBeleA","tlshash":"9dd22284c1b52972c693b2396a1be92e7824465bccfafd4c7fdc461a1f0d02e967035e","size":28756,"data":"","first_seen":"2026-04-21T18:10:22.463616Z","last_seen":"2026-04-21T18:12:11.771321Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-DehamXAc-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dcf16ea26b2ef7492cae8b54c03efead","sha1":"18ecc953c8211a2a53445f79cab61b5a3860e568","sha256":"d092a071ec82e8153da63e8da6e8d64afdad923c5148904aa665e2dbd6664301","sha512":"c36d9d90dd331e446ac12f79bc79306455296dc6d432180620b5328a911006247e2bbbde1e4c2c42ec41cd2c06fe8f5d7e2bb553e8ae5a36bdc9d2c30f01908e","ssdeep":"6144:rCIIxjxeOb8RhWxM4e5usAdBDt27Y+jYFrBPW/5khijm7L0OYm+mKzFw0T3iTTv8:2IExeOoRhWxM4e5uswBDt2M+jYtBPW/5","tlshash":"67641a847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","size":336858,"data":"","first_seen":"2026-04-21T18:10:22.476013Z","last_seen":"2026-04-21T18:12:11.734352Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0125155b17fc3b0f31cc57e48ea94ea0","sha1":"af54e7389fbc7fc02decdba87c68b08a89da045a","sha256":"880f4bae4a02ebb9ed331960a0a4a3ac36c338e154925a17a8e6447f7bae734a","sha512":"ab7a85e751dfc68b919502b3b70327ab619c9ea7f3f0d8f8ea44daae5260fd63540363b5b1c2c8574a8b6833d4db78024b0936a51bc8ab214204b719e58fcb01","ssdeep":"96:mnhL0+mK+4qP0ygnhHU7RmhOzOfReb4dOAxYRzSJqvJeb4fqf8:mhL0+ml4hnhHU7QhOzOfsbOOAxIWJqvh","tlshash":"b5a122f928c31615150311bfe9be6d08b429d543ac4ab8247e9c72053fee92d47fa6f1","size":4948,"data":"","first_seen":"2026-04-21T18:10:22.482403Z","last_seen":"2026-04-21T18:12:11.809264Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a71842b86706417a64bb903f9bd62f3","sha1":"a4a315a0d86dbee83deb209617dbde61fd824f3a","sha256":"6ccc923b712fbc887d796a9612042aa578a1df37eeb02eac0990a4912c0d18eb","sha512":"0eeddaa87356b005cb3a2534a80b49cd4db5b4a5c76bbe38584e3ba58f31d57f31c92fb523178b294f5bc5eb34cf066f6ec216f615cd17ea56debfc217e0d834","ssdeep":"384:22HCetqtJ55FZW1U9KG87jWY17TvwK6Qka8kU3GZv1CLPydy6Bn:2sQGU9KTWY1nvwRzktZdXy6Bn","tlshash":"d1b2b59afea330623e63917a0bff6146b1b98017404ada143c5e93445f9943453bfbee","size":24961,"data":"","first_seen":"2026-04-21T18:10:22.483334Z","last_seen":"2026-04-21T18:12:11.812162Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/account-mymDt-Yy-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a24fcda6cdb7b06e548b09b36778ea7a","sha1":"291cb3499aafdd945e368b7cbd2a46c6de4997c8","sha256":"9ec07483aa9c14b3a75d0de21b0c2df3c35bc8866a7414d58d6165e691a8e641","sha512":"96152659684151faba8e81166f6681bdbc0e9aec8b3dd778c05c342496212adf9843ffd0bd3a501d779ebf67fef630dd172ad37f3ac4adec2f10c5501d7824ca","ssdeep":"","tlshash":"0621048a8e4a52b7fbb0be1260d02e03c00b6fb5aeb244b2b06d957351bd045ca2db15","size":1115,"data":"","first_seen":"2026-04-21T18:10:22.453373Z","last_seen":"2026-04-21T18:12:11.749555Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Calculation.vue_vue_type_script_setup_true_lang-5GWkw2Iu-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6f7e5c9e3eba8f1a55f5ec6403ca71b5","sha1":"554e652b36735305ef153d3206b1b50f0e60a554","sha256":"47e92072e5eddbeded659a54e8bf09ae77969a6f10bc9392626cb6bb77e5d5f7","sha512":"e99927b83ef449596a29be1118de6eebac4e44bf00133d708f0d74276023fb3a24d7858ad853eab1e832ad3ada4383d2db70f3dae17f740186db1f9d5d03ae8a","ssdeep":"384:dWSYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:cScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"f192b74db252db3ddbb354f1605e1014e0087fcad426c497a1bf09933aeeeb11a6967c","size":20487,"data":"","first_seen":"2026-04-21T18:10:22.404645Z","last_seen":"2026-04-21T18:12:11.738969Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"661d32881727e782f14ec6c85414f641","sha1":"c046ec614002586c3a5f48f3f4d9f6e400c8309d","sha256":"5f121d493994f8fb0f010ebdc4802f5f765fa7e014ad294288e24275b14caa0c","sha512":"7e7a1d040c5b9a85179b0da21b89125eb1d3bfa3e068da744f622b0dc898c1d3dcc153766fc66289525f344b60b2f82254d9482965a2c50ae18f937233726cfa","ssdeep":"768:snZqsZgZa2mQcmfhBmiv9ROr2DGVieWP/DHq/Oq0nl59ncjc1QnNmfGvyMxIEm9P:2AZXSi/dSFWPRWlRy","tlshash":"ff33e979f9e710768847d2aa179f1516b5558023894bec343e5c83082fecc6c8dbeaf9","size":51939,"data":"","first_seen":"2026-04-21T18:10:22.484245Z","last_seen":"2026-04-21T18:12:11.819859Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Footer-DuAR8kIW-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"123809744f04e3e0719ad621a769dd5c","sha1":"0c1f9c6d73f5128b8b164ec4997b34d1a2dddf1b","sha256":"4318f1a011f3c3dacd2e97035845448bf25e454bc6091d5658007ebed73ca67d","sha512":"ae48f1aa9ab249d5f2db1b11cb5d7eb6b71ff94635724ad6c56e22035b6002c254f469b099171c73877414ba80daf5bd819257b37dc34c99cee5e4119bfeac40","ssdeep":"192:v1vNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:9vvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"65321a057973c9f9c6b784b5b8415510f238bfeee56bc85ab3fd890a17ced390a06260","size":11449,"data":"","first_seen":"2026-04-21T18:10:22.409902Z","last_seen":"2026-04-21T18:12:11.711302Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-rRNhicZU-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"0db5c230bc6be5b2f8f2e27cfff5be86","sha1":"18f1c93d73924e9584e907738fe685e5d5517c32","sha256":"d30412de4012106a6f1b0a970a81e9d7e41729605352534b37d050f62f1da4fc","sha512":"a7547a2da77efcadf07ac17dee4527c89275d28c0aa3870cffbfa57be14a1fbc70f32bf7e82bea6e8d7132caac80cb5e26b5088ecd881e28aa0b2bc0eaa53f98","ssdeep":"","tlshash":"be61a7d978b7f02087b548ee507b0636e23937592408d0d4e01fcd8a3934d6aa2a7e25","size":3246,"data":"","first_seen":"2026-04-21T18:10:22.439879Z","last_seen":"2026-04-21T18:12:11.673462Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"614eef67223cb86306336b6dac352811","sha1":"af9ad1d0546ee99e29dd1f7880f67b5c1b848a0a","sha256":"7c72822f718afd824673d30749fbf91710d6dfa8024e1da71f0533ac325fc731","sha512":"ba3285c4cb77d36ce654c01578b5f75c6bc36a7e48b2a049c61d79d33b3189c4986136fa0239b16a1ea5cf39213edca566f7ec2f5242115c0ce522ca75fac640","ssdeep":"384:AGiWJ5LCQy/aqh1GviOHhzRd/+2QU91xcMnVedk5V8SSU:AGVNuhsvdhzR/ic9","tlshash":"d8b2b4fea9672077bd17123e436f7441ba60c0038285c885b88ee3491f95b5857fd9fa","size":25675,"data":"","first_seen":"2026-04-21T18:10:22.486223Z","last_seen":"2026-04-21T18:12:11.822683Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a50531ed0de3eb7a5851c2f6fb200b83","sha1":"351b323050d699b2b28c5d3b1e8c6fc40fc5cf35","sha256":"c35f6cf8045b73ae97ac8fa43131aa6c3f54afc43154b4004d5c77e239cbfe10","sha512":"ac4a279b98884c84a7c7d9e0ee71a1008959797d935f284a2f7cff1caf99dd7f7adce7a315d89acc30a2caf8a54c03279eb33e8b73a2750cd95e921235435a28","ssdeep":"768:y+QbGli+JCbxTsn4AvG8MaVHgCWCwSQbHFs1l2Z:yAlVJCbxGFHgCWCQbHFsO","tlshash":"d5c2b4fb6cfb11620512e07e469f5014f22254234c86fe14bd6c87982fdd99d92feae8","size":27482,"data":"","first_seen":"2026-04-21T18:10:22.487256Z","last_seen":"2026-04-21T18:12:11.830154Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"190f58566316b84b41c3c8c930d99b3f","sha1":"62bf73a0402a6df14db80dbf142fe256a5f34440","sha256":"2f47f8185287aa2529019c93de2f2ce72c2e37752762c75fd8e60a942e39e6ff","sha512":"ba0f2142ba7e76ef4734cefb2ddb06394806dccb4e69ccaf395d6269ee6173348e2ad524e7463c4f201f7c69b4b9100ac42386f95ae0bd40c45f051d8f3a144e","ssdeep":"","tlshash":"0331b11b59ab215064a371be276fa21062738517234acf907c6dd3026fb062d07be7d9","size":1663,"data":"","first_seen":"2026-04-21T18:10:22.488245Z","last_seen":"2026-04-21T18:12:11.832023Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/ArticleViewer-Bc3iNfxN-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"594476543ac016ad2c332c145632b099","sha1":"acb47466cae7d63466babde56bc5e421d24facdc","sha256":"8ab5e4adb3ab9fab22c948198568a1fe28647c91ca0be6977a4a9d2dae3a6f12","sha512":"fead0a8fef4e162909339700aac52f5bd45c05e43b1a1cdcaa58eb5959569e02167c1650e7a7201877a271948cadc6132e565f0163036fa8649f50c22f818c0d","ssdeep":"","tlshash":"7b41949c2076cfb896f38339a58ad6549044bbcbd7118a89727e582a2fc0eb17a5c304","size":2414,"data":"","first_seen":"2026-04-21T18:10:22.44183Z","last_seen":"2026-04-21T18:12:11.716272Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/SetFundForm.vue_vue_type_script_setup_true_lang-Dn0EOhbI-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d22408cb99eb86354a01fd37d613655d","sha1":"b7c2b91d25171761f35bdf8b172e96d7912b9fac","sha256":"dad9ea74f8a32cddf8db432571645e7d6e1d614939b533dae8ff82e5728a4e9e","sha512":"de7a08c0b5f71956f3e5f7bc9bcaa0f761a1c0853132dca01ff5fb08d872d3334d8e514387f196c1cd16bf1e38a62b211913b244bb4b0d3916796ccedb4b3101","ssdeep":"","tlshash":"ba51430d24b2ceff2ac3a238224e6164e0c87fcfd7309759b67d417226c99f52619a55","size":2684,"data":"","first_seen":"2026-04-21T18:10:22.426489Z","last_seen":"2026-04-21T18:12:11.70249Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-ZroyYXz3-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f6663fd3b0bb85e3ab345b7fe697fb68","sha1":"af6fc72189184d9cb9e46b117a422aa8568ae326","sha256":"516fd516183fb68fe521ae71d1c5cc591500b191d236dad61d8e39195e813622","sha512":"9ea86da22b13cc4289f63053217c369bef34d518b9b8310c2f8f210d5ec22c55b62c9a59b8882bf4fe26ec4a9a1258e95a5b6da2ea96adf9bba6e9a22ee3f0f4","ssdeep":"","tlshash":"bd31420d9073cbbc95a391391b4a2168d2847fdada708bccf36c14723aca9b7592c640","size":1521,"data":"","first_seen":"2026-04-21T18:10:22.444504Z","last_seen":"2026-04-21T18:12:11.68025Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b5dd1739fcd58649b92f9c39b0bc8867","sha1":"20f4af99f78a09844894c375604b1c7db07caa1f","sha256":"05f79de7eaf720e6e1422cdf5a664f1f5b5ed2fb99696d5c2117df38ef98e820","sha512":"2298aaff8c13e556235a4804a4fef9fa58207179ca91d315cf1845f7de384f41d65a769c6e75ed3e1615f6858be05c94b5298f796f31d30ae1658061275adcb0","ssdeep":"192:WxEWNcTZ9hBflRH9elAy5/B8ZirqeqyL4qyruaoGy/:CVqNrZisFy/","tlshash":"59e1631aae73233355f3e17f17efa609f22461176019dd183e8d87445f8a81c46beac9","size":7379,"data":"","first_seen":"2026-04-21T18:10:22.489168Z","last_seen":"2026-04-21T18:12:11.838342Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3b873343921529004cb39837347dae50","sha1":"344cccace77a7cba8955b2cfe0886c60c40a7d29","sha256":"19d1608a08f6f23351d1917dfc4d68857ce6701839b5c395d0b4d9bf04816143","sha512":"1b42a4f63085e437b5cccf2a95756abd91f34005463ab67a7c2691fe7934db10f7c34f52f6320c87bca856bb2f6d650284e5d3777af015716350c50b76def460","ssdeep":"","tlshash":"8d7151891077623759d620bce3cf5084e629b45b221aead4be0e53c46f45b2c93f1fe9","size":3757,"data":"","first_seen":"2026-04-21T18:10:22.49033Z","last_seen":"2026-04-21T18:12:11.842136Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/dataModify-C6sk-dj3-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","size":635,"data":"","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-04-21T18:21:48.769331Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/cssCalculate-G7yYGhEz-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","size":792,"data":"","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-04-21T18:21:48.811528Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/CookieConsent-lvFV90Wy-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c7945ff3ea9c72015d697fc4481ee50e","sha1":"f368fca4f46948042ab8ef88ead871d933ecadf9","sha256":"cbe238fb8fa63f1e4dea377ad0f56e2eb6835c57c209ab5e9ed6abd90e651905","sha512":"8a5d9082344f172c45f1e3e02e74d1b4a3765e5a10bd23bc31d237780f0b66784077697dee1c520bd37e52f5bee3d4fcee55e138d860f1f783a0bc47285469bb","ssdeep":"768:jr5jgT5ISSBGZo4mrwrS0yIpdmjriD0PbnPex4:CeVsmrwbpdeioX","tlshash":"a0e25c05e806eeb9d7f31634744a7168a4387fdac25ac479a3bd85232bc9f728763314","size":32699,"data":"","first_seen":"2026-04-21T18:10:22.393321Z","last_seen":"2026-04-21T18:12:11.767813Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-Cprivexq-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf823539278a9e16cdc7425568d7adc4","sha1":"4168c95da429a6d0ac5a9c3a49cdeab851d0a1b7","sha256":"23f62a9e69cbd2898abe28a6a9ee6415ed052cac3d40e4b3aba1c7ec6f2e50c7","sha512":"22a180997d3cfcd43a95aeedb470bf7d697f915e321b7361c67b8f32bdeebaa6f4b8a9b65cac8dc71cc72fdc3464146697e27080ba17e745072b1285c7a322ce","ssdeep":"1536:V9R8W1dTRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:HRhdjTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"de048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","size":173390,"data":"","first_seen":"2026-04-21T18:10:22.440756Z","last_seen":"2026-04-21T18:12:11.74875Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/loan-RS8PKRPW-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b07e5624d6c3e7957e21d7809e702ccc","sha1":"0295aeea63db4516de56f65a16d18410e6f54971","sha256":"a98840509eb0fa5c2cc36e4d3bbd8a014c3e3e693be655acbaf1ea89b7a58d73","sha512":"480ab9135b355364ec7559c3eb52a727c1ce85d978b9fe40e6ba9df275749001835b199aa42f9b9cd4db80a457dd18a479073dba649755a1ba75172b516e3419","ssdeep":"","tlshash":"6ff0c8dabd079a7f9135d22930923d02b43b9a31def614702f2ad4678b2c089675a941","size":591,"data":"","first_seen":"2026-04-21T18:10:22.445281Z","last_seen":"2026-04-21T18:12:11.758574Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1703166c28dd29110ca8c770721a0bb","sha1":"100153c7c28c0cc5b58b13ca338e9f5ed4c2c6e0","sha256":"64cef641b414e887d9aaf32c7c4a6dc9b374eae9bf9b1b969506db6e7123f125","sha512":"ca1820e15abdedb98373b87c64b6fc55f5023ad9e487a94afe8971e803c6f929200f80abb4272c8a52da9dc02d08a7db6eb9ee4542a973108494706f9a30a57e","ssdeep":"","tlshash":"3f8143ad699310f4ea535a3ebbbfb500ba3240279006e450b84dc3586fd4e2d12bd9df","size":4058,"data":"","first_seen":"2026-04-21T18:10:22.491135Z","last_seen":"2026-04-21T18:12:11.844688Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/PdfViewer-D79El9Xj-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"1827ed8f6700384881db23010054c026","sha1":"cd9ac676400a981281bb754a3be52efcd90ec16e","sha256":"1e64098ab4ac7ff8594bbcf9466c8d8d419a52263cdbe5debd7ad60b5b164258","sha512":"a62a78adc910daca3c1e3a8ba7f495851f75f7cf4bb94d280d24d4ef7cce3be7ee6ee30ab3d0e24719f056eb2c23211f93852917a8f0c2595640015e0d0f1e1c","ssdeep":"24576:HkpMfCJkPXXq8RqbOt7aFMz3FuEoYlOsp8yDpm0gLsC7Xl5:HkpMfCKPXXq8QCFR+l5","tlshash":"1aa5a072634372e96b79468671b91609437f154d34f3a1c8ed8e2edac52ad2b237c23c","size":2202821,"data":"","first_seen":"2026-04-21T18:10:22.492709Z","last_seen":"2026-04-21T18:12:11.834456Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/login-bg-CtTnvaIr-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","size":91,"data":"","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-04-21T18:21:48.806487Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/CreateOrderModal-rfpUCXt_-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"00bdfd5ef9cd95c749ed97fcd7835e12","sha1":"a934584e575247c493f7dff7c4872fef145632ea","sha256":"2c2849795733a3850f5425c4e8770d0d02a495d6fbbb1d56134a26761a16cc3d","sha512":"336925a1d1a8f73fc5336b7b7bd84c1de22d8282ac103371f3a93a312f8d1f2432c2c43b685efc6d28dffe45067abbfd083ddd7ed4e8f08eb1924750d3b6d487","ssdeep":"384:a5lMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:a3MuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"3672c93c70d0c9be9473d276a2cd68284048bfcfc6625bcef63da66415d9cb15b25a2c","size":16305,"data":"","first_seen":"2026-04-21T18:10:22.395882Z","last_seen":"2026-04-21T18:12:11.769926Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"12a81a54a24567ddcd8482054ecdf6f5","sha1":"86bc1459132afd98aca030c7f9c1370a24a965c5","sha256":"2148cecb1ce14c2af38b2a02c29c17ee744a72564166ad2dc7bd6857a38b1e95","sha512":"477b01748a98aceebc7e4f2585226abb360b2dedaa6cb045691874e2a4e2609754af3bdc3e988daba7eb599b0550453139dbc144a98a67774062459c591c378e","ssdeep":"96:loVci1pgiCH4RPT5MBuL8YRhwwHx70YXOU09d6FmZMK3Q7:HopgjYdMBuL8ceaONFL6/Kg7","tlshash":"8cc1a399b8e30061e683312d4baf760972608017d54af9e03e4c93d82fe9b3d46797cb","size":5644,"data":"","first_seen":"2026-04-21T18:10:22.493733Z","last_seen":"2026-04-21T18:12:11.84827Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-BvE5h4Y2-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4098c15bf419a70e61f379a0b6a1d013","sha1":"94a619ccbb860728787afbb8a89a52f8438b2a5d","sha256":"24d8a2ffd30bbfa5c58771f0f6895dc1889871f0def209ba57b5005a1826e680","sha512":"a051a8c35d5cdac1fc03e686f3864202256fcc1829c6a185d585824450866532fd080552473504b458709712276692e702b12e0b976e05f645ecf3b484d6c36e","ssdeep":"49152:90t9UzEet33btbdNv92Q3fHjDejTWllv9xWYOkLG:GOXf6","tlshash":"60958e8876c6f06407f382e560eb1105f2786d45f446c0a4f9fc89ab26e5e9de267f38","size":1927037,"data":"","first_seen":"2026-04-21T18:10:22.495397Z","last_seen":"2026-04-21T18:12:11.826121Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/TradeLayout-DtwBVIFP-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7ea7fb68cef2589fe4ed680e91d1298","sha1":"89a670b4c3169dd12f55b9f44ba94a867fb0d2ff","sha256":"e4ef84016867668a7831b978d64a571f8d51ba0677bcf7a34a7bd3976805ee9b","sha512":"7594824cdfdee3ea730a90ae7836ab2ff7328fd366a28216fa4472c226a8a866487e6dbc743319e68de6ccc1c3e8c087b94ccc1cc39f81c895ed282ef1e0a59f","ssdeep":"12288:G37MnWzG2+iFeq6Zz6uSx6c92e1sD5skF4:GrMnWzG2+iFeq6Zz6uSx6c9c3m","tlshash":"1d94e580b162e53993f391b5107a0401e3197f89b40685adf27dccd73eaad9a71baf34","size":414946,"data":"","first_seen":"2026-04-21T18:10:22.454661Z","last_seen":"2026-04-21T18:12:11.792307Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/filters-CVVMcBXU-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"959f10848aa622ea30be381c5a450482","sha1":"92f36636b5bd6a081e17f282a739faacd4ff12fd","sha256":"7ca9403b3059b7a30b08bf2b54e1bb78b22146ce1334b25481f904efee320cf5","sha512":"e5d43811510e475b63c3aabc470ff631b8bfb3d00c9453f4f8bdfb8e4ec292e814ce16609b6ccb19602fbffd877dd75c298f42bee60e8049640ca00124ca71c4","ssdeep":"","tlshash":"1f118ba995c6c67b02fb88c9514e418768e87f78b00e4b62b974f1123561091f4be393","size":1057,"data":"","first_seen":"2026-04-21T18:10:22.447587Z","last_seen":"2026-04-21T18:12:11.751735Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"aiinvest-tw.co/js/CookieConsent-lvFV90Wy-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/CookieConsent-lvFV90Wy-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tZ2IiGIq4blE7bVNbOFrtRHe9odUGyxxifrGe4%2BIgzVDc8iEhFMZ5Vlv8hQ4ac4z1kmDzy4%2FmaC%2F%2F7SrGo14R849FJK1AYglbti87pr%2F2tu6KuYMHZzPag%2Fdq5653pHzpQ%3D%3D\"}]}\r\netag: W/\"69e18d5c-7fbb\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57604ffc568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32699,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28866)","md5":"c7945ff3ea9c72015d697fc4481ee50e","sha1":"f368fca4f46948042ab8ef88ead871d933ecadf9","sha256":"cbe238fb8fa63f1e4dea377ad0f56e2eb6835c57c209ab5e9ed6abd90e651905","sha512":"8a5d9082344f172c45f1e3e02e74d1b4a3765e5a10bd23bc31d237780f0b66784077697dee1c520bd37e52f5bee3d4fcee55e138d860f1f783a0bc47285469bb","ssdeep":"768:jr5jgT5ISSBGZo4mrwrS0yIpdmjriD0PbnPex4:CeVsmrwbpdeioX","tlshash":"a0e25c05e806eeb9d7f31634744a7168a4387fdac25ac479a3bd85232bc9f728763314","first_seen":"2026-04-21T18:10:22.393321Z","last_seen":"2026-04-21T18:12:11.767813Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1175,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/kline","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 53\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":53,"data":"{\"symbol\":\"BTCUSDT\",\"interval\":\"ONE_HOUR\",\"limit\":50}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"1907-1zfyQQHyRoFvE4iOsY+zqLzWIGQ\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s3xqj4SC6RZNK3YlNVO%2Fhla8J2AizhHUCSUpP3nlKMN27cbpv5NHtW%2BsoCCmQwEPIgT7lnn3fMxDdGk%2BjLm%2F1m2YAjHWuAyHer%2BaG4j85ss4pL2GmSgncO6qjrlF%2Baietg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775cd5a568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6407,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5298ad8330101a4c2e7af4aecbdcf80f","sha1":"d737f24101f246816f13888eb18fb3a8bcd62064","sha256":"8b81c95c135478ceede46be8076192921ec781f75da42559cd69ba1432057030","sha512":"f7c45b3355e76df8e1f23fbe140bec393c43fabc54ae7219f8ea5f1fbf26e073e375acd60575d9c72fe16e3cf85974705c451fecea187a457b396bf1218c2e4a","ssdeep":"96:G6Idx72oxeMekYUJQ0unOTZh76cFeySqWosqn6C/pbFEyVW:RIdx72weMekFJEOTScFRSqWtS6C/w","tlshash":"7ed1c7725688d5a4e873edf16bc3bca45b1d70db99ce0c4562989e310df0a318b683f1","first_seen":"2026-04-21T18:10:22.394437Z","last_seen":"2026-04-21T18:10:22.394437Z","times_seen":1,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/CreateOrderModal-rfpUCXt_-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/CreateOrderModal-rfpUCXt_-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WptpP%2FKAepocsDvWV0w%2B73HpLhEAIq6%2F%2Bv01Ao6EGoabaF2GouC%2BsnxOTT%2FVZ7JK4%2Bi3SzBxZsyLuouIgcZK%2F2p5fu3gGiX%2FaPtNxlcSPUWoJZM04Zqiw4wjryTDAWBarQ%3D%3D\"}]}\r\netag: W/\"69e18d5c-3fb1\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e53568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16305,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16304)","md5":"00bdfd5ef9cd95c749ed97fcd7835e12","sha1":"a934584e575247c493f7dff7c4872fef145632ea","sha256":"2c2849795733a3850f5425c4e8770d0d02a495d6fbbb1d56134a26761a16cc3d","sha512":"336925a1d1a8f73fc5336b7b7bd84c1de22d8282ac103371f3a93a312f8d1f2432c2c43b685efc6d28dffe45067abbfd083ddd7ed4e8f08eb1924750d3b6d487","ssdeep":"384:a5lMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:a3MuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"3672c93c70d0c9be9473d276a2cd68284048bfcfc6625bcef63da66415d9cb15b25a2c","first_seen":"2026-04-21T18:10:22.395882Z","last_seen":"2026-04-21T18:12:11.769926Z","times_seen":2,"resource_available":true,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/index-C1YPvleS.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:39.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/index-C1YPvleS.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:40 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n07Pnf21fOLryO1nSZICFcZmxvONmWWT2r9lbDMWn%2FVdhyY7W6aY1MftlwYDzoW4L1%2B1vmvl7wE%2F9Nd1amMQbr2qlPo8M8j0tb6tOzRVjx96h6vPKl2xu9834TJiVUhK9A%3D%3D\"}]}\r\netag: W/\"69e18d5c-3743d\"\r\ncontent-encoding: br\r\ncf-ray: 9efe574b1c89568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":226365,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8303b549cb23fa27335de4dc004561d3","sha1":"7af75c2aec33afe946d79e059d2f8635bdb573ac","sha256":"e99f84ee963ed94483c2a0cb67566b289a63fc73b3cd0f0daec1a616727348d5","sha512":"681d63eba27d374561da41967cbf5a643ece18f3369a4e81041c3a0d9c98b853612347083f074350e714ca41fa8c9a8236a5c80a9fd216908aa7f663dc4633fc","ssdeep":"6144:+ExgAtraQez/J6ijqI+ChRk1Cfvkauh/Xm1uhE79QQ4R8eG+Qkq7sIZ36:C89Ic","tlshash":"c92454bde28904e63b36cca6d374778e6039f6b1c9955d95f81b501cefc33a10682a78","first_seen":"2026-03-19T19:44:46.535503Z","last_seen":"2026-04-21T18:21:48.803659Z","times_seen":12,"resource_available":false,"data":null}},"time_used":2045,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1159,"receive":886,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/platform/likefire/touch-icon.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:40.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /platform/likefire/touch-icon.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:41 GMT\r\ncontent-type: image/png\r\ncontent-length: 4397\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Apr 2026 22:44:52 GMT\r\npriority: u=6,i=?0\r\netag: \"69d97d64-112d\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OosWc7ncVcbBVT4F%2FHpCdQEkZTSZLHDRPTR9IhXtpym%2FSassE7Zfx1xdllrn3PLOnfGNE7d101BGaoTkkrhZ55w1pXesxNG5cpHreCNfNuxQdiQYUbOKq9zH%2FlTtu5vJSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57565b21568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4397,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"70f68350cf2aae4902e8059021d0df65","sha1":"fc2aa3b7fd92549f6b040be28b53dc193c94e779","sha256":"19b24c8359fd20842b1f19ec0d25d6721b79b21982817114e73b00bb65044a86","sha512":"b4e655dbb73604296482755fc58f4326ebe8ae28eadca3601833eaf1ae5ab1d5aee8eaf88cf589f84d81da3aa7bb2f5e85fa762ebc9028f47cf02b2c017ab68a","ssdeep":"96:irFaKMfbX5gyvrJHFHdmcrKvGTRVVHE8VY4r1+UHNXjOC:iRSLlvNHF8cr3zZaIQUH/","tlshash":"22917d274073c5f4ec9b167a26946fd392535f2f30e410d08a026d9ed9d9fea3043d99","first_seen":"2026-04-21T18:10:22.398994Z","last_seen":"2026-04-21T18:12:11.681221Z","times_seen":2,"resource_available":false,"data":null}},"time_used":866,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":865,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/index-bg-Cig16shZ.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/index-bg-Cig16shZ.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aiinvest-tw.co/assets/CookieConsent-BKtXZsW6.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 45818\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:24 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69380-b2fa\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SzrF1I1OSxIN5sv73g1%2BdUjzXZO0nEgOwo64Fn8iHR3mUEgzeUzRbXlJhY0ZaF5qA6H7Slah6Jdm8chJEi1gAh5xu22la6Dy15Q4mjA%2FUkexNOC4UngSWPmQ%2Fri6XxzCrw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57758d03568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45818,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 706, 8-bit colormap, non-interlaced","md5":"c09495fae9b3b9afa21e4f85338186f6","sha1":"de7e184687afed539def40fcefe0e9315596e07b","sha256":"6e82c55cbd0ee19a044a5ec37c31769eeb6e168802c661640cc683e6b3e8733d","sha512":"8268075ddb43eb44937d88d3542d2fa595f0896f76c48ff52786673de1b486274d13880754df9605fa3b303bab65dd5bb02ca5bc33e88acda64dccbf16285fba","ssdeep":"768:A6+sg4W9+cPJlO1NctTpA2+fzAJjIaZjVcpjO6X0BvRURf0hrv4llB+86HFhekx7:7+sg4mnhlO1NUdAVfkJsdNS+MHe0r1PB","tlshash":"d523f20a976dc409b8497e7d8fa48700a882cf97602d873d7e913a1de938d534f89cbd","first_seen":"2025-08-26T17:46:37.246586Z","last_seen":"2026-04-21T18:21:48.79176Z","times_seen":53,"resource_available":false,"data":null}},"time_used":1348,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1165,"receive":183,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"aiinvest-tw.co/ws","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:43.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /ws HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://aiinvest-tw.co\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: lcgPUjN0Uwtc6NRyei8qeg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 21 Apr 2026 18:09:44 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: AxA8iiX9Q1gbxpxZ+EiTygTu6l8=\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=AIKCxLjqIqpCaTWIb7mXGBPoyZF2DHMVEKz%2FcD5FkFgZg7uy2G%2FFG%2FuNqHNr3ZhfjmRGlJM%2Bk%2FM9ct%2BTPljczq%2FAgnp5cfEw343gS7kLr4BioXc3nvafxiTKpeDQqaq3Rw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9efe57672aa02efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=465\u0026min_rtt=437\u0026rtt_var=172\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2352\u0026recv_bytes=1158\u0026delivery_rate=5125663\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=c8624ee96e729408\u0026ts=907\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T22:09:25.934933Z","times_seen":14033814,"resource_available":true,"data":null}},"time_used":914,"timings":{"blocked":-1,"dns":2,"connect":1,"send":0,"wait":893,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/dataModify-C6sk-dj3-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BB%2FT43jbLiX9uvPtmjrVnqjbvpLQHNwmf63UySNl%2FV%2BtHm%2BvgsM3%2FAHfPOBqPswcGIU%2FCa5tWQNoGcQaZ0Zh95LUVsMwBeNM3iwdeFS%2FnEqhRO4%2BuaDO70iiPINZCgRlLQ%3D%3D\"}]}\r\netag: W/\"69e18d5c-27b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe576c9942568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-04-21T18:21:48.769331Z","times_seen":32,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/TradeLayout-B67HdYX6.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/TradeLayout-B67HdYX6.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oqoRQnbiHfeksHWwgGy2ZS2lZeUtyeqjeJsDRW6y9FmGYGNU0ffDHzJFgbam3sSuv4S3gw8Nx3FJE5AulwFL0kDTZCnWOLkM1X1Jv89NX0B4jeG7QXSAWV%2BE9v4alBQ37g%3D%3D\"}]}\r\netag: W/\"69e18d5c-dfd\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783fe26568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3581,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3580)","md5":"383aa27b8abb1123a442c5c3a2ddd6c6","sha1":"70ba1b65bb6bd26aff7e0885653cf8c37c044b02","sha256":"257bdc9655033d87afe235082cb5e6d82e68867fcc4484c1bf7b10b43056a2b5","sha512":"6a4696862ea5112f45db7f8a343af39e136699f25da5f9e448ad4e3f7d52017115256dc40a07df631f6503e86b4a0839219e8e52aca43fe163a2207d0447dfab","ssdeep":"","tlshash":"1c7122aaa11c20a86273e9c7e5e8439d111ee343f66609d5b34079f98fc37f92b75085","first_seen":"2026-03-19T19:44:46.524639Z","last_seen":"2026-04-21T18:21:48.761318Z","times_seen":15,"resource_available":false,"data":null}},"time_used":1228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/login-bg-CtTnvaIr-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=47RTp5OQiO0TKsZyfAnpkaP7kfN7vT4hTK13RPyengdHesC2GmK7QDkEApWZiRr%2BAXVgfL31L8AmSzEVMeXg8FwLF8cSJL0TNHdkzU9gG3J723%2BeLdr1Z%2BYFLDK8OzqSqg%3D%3D\"}]}\r\netag: W/\"69e18d5c-5b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe578638e8568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-04-21T18:21:48.806487Z","times_seen":35,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Calculation.vue_vue_type_script_setup_true_lang-5GWkw2Iu-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-5GWkw2Iu-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bvzS%2FQ%2FXqyXS7hlovha5YLULnQWrWjL%2BC%2F3%2F3M42tcZd3tl4bfFEvF1HR3wi%2FjnlOZ%2BKmmMH6zjaqrwcfv0nOqH%2Fee3TxLOHrW7NAe8ljonxDhFy0te%2F%2B7lVHy6diS9HAg%3D%3D\"}]}\r\netag: W/\"69e18d5c-5007\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57604ff3568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20487,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20480)","md5":"6f7e5c9e3eba8f1a55f5ec6403ca71b5","sha1":"554e652b36735305ef153d3206b1b50f0e60a554","sha256":"47e92072e5eddbeded659a54e8bf09ae77969a6f10bc9392626cb6bb77e5d5f7","sha512":"e99927b83ef449596a29be1118de6eebac4e44bf00133d708f0d74276023fb3a24d7858ad853eab1e832ad3ada4383d2db70f3dae17f740186db1f9d5d03ae8a","ssdeep":"384:dWSYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:cScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"f192b74db252db3ddbb354f1605e1014e0087fcad426c497a1bf09933aeeeb11a6967c","first_seen":"2026-04-21T18:10:22.404645Z","last_seen":"2026-04-21T18:12:11.738969Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1174,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/crypto2-RVLsXywe.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/crypto2-RVLsXywe.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 56783\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:21 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937d-ddcf\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d88PM0juMrS96237JLc24F4JUV8PIaryp8HCDii%2BrGyXKjc1Df5S4MEoaPkcAw8KuUQcSmmDVmNPaBkTlxJIF%2FYyluUnabCpzh%2F%2BsYK%2BCkWa7DEl9rpeJNY8fGsi2b1ZCA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774dc33568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56783,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 305, 8-bit/color RGBA, non-interlaced","md5":"8a1eae471f4c0dc21007b86b97b5fd68","sha1":"b1ac51b4dd8a9a255a35326b1e0e3724eee7b431","sha256":"780f1d2b6644b5d7173ac032e83d0bcb58b2d0f8fa81911b15031918f3cb593f","sha512":"decf23d33c7f25185d1ce69a55b7ecfcacc46225c0a6cac3705c8c8666531831edc83b956a8dd0e714b0addf0cfec8e2e9cfd30738b652556ef113d9131bae4e","ssdeep":"1536:Z41T3sxtojtdJlqDe3dBB+5pfT8kbN5ahOaV:Zm3sxWtdzqDe3Dw5ZT/N5ahOK","tlshash":"e543024f4482be71cc64d7813f96923a11967d4afda0b4b08ea7a041cfce4ed72456af","first_seen":"2025-08-26T17:46:37.263184Z","last_seen":"2026-04-21T18:21:48.770434Z","times_seen":53,"resource_available":false,"data":null}},"time_used":1525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1205,"receive":320,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Register-CZzsnL_s.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Register-CZzsnL_s.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ItbLdIw4J4CePPz5NHQxEcectI3u%2F6v9iyDrOWFAWWy8RHvXDZ5TbijfgMbyOIS5Gv6PS8A14AlTNRB7nl8xG9b5QSAouiIWx1gt%2FLlwHFsI86DzfxuWvkPLYVIFQ9Rd4Q%3D%3D\"}]}\r\netag: W/\"69e18d5c-bd\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783ee19568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":189,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0f478f9acb51dc6d5bba246cfb3c40f4","sha1":"e0b895c539b695c5bb07f09eb825e1a8c566e5ef","sha256":"6b51f62c7175076988c4aa1b50db70a4d3b2ba26a5cb91b03e9d901875873e26","sha512":"5f3b2329636cd8a81ed09c4790c6e8a45a1c0ce25c899f02ba6eb5eaf8252cca00a31fd4af1de7b4d60c9efad17bc8483a7bc274b73aa5ee4b2f42b852991979","ssdeep":"","tlshash":"11c01252841e713b1eaff2545295c18d9534b7d3ac221a6c5615729097e6ec0261e4c9","first_seen":"2026-01-30T06:58:07.097395Z","last_seen":"2026-04-21T18:21:48.814897Z","times_seen":32,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/kline","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 53\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":53,"data":"{\"symbol\":\"ADAUSDT\",\"interval\":\"ONE_HOUR\",\"limit\":50}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"169e-CROSDe7a/vCywMiA5QjF3vAJCB0\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AdAREH7IdfjNVrCrgegLWljv2VfEVqhgl2HL471cdpRHNUE6idfwmSY6j7b3f2aujPE4hXlLhZA%2Fb%2B5NmAlS3YCKQuQ9rMm2OopKCLiS6RqEhkiREpZArRZNoQS4%2BfTuRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775dd8a568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5790,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3fb15d0b14f3b5ef0e5174d86fc2d133","sha1":"0913920deedafef0b2c0c880e508c5def009081d","sha256":"4e5a4ed9e3da2ad6369f6bd787333b13803c867002caa73ebf2af21f760963f0","sha512":"f18d0625d5bbd98e49a8127343b963158e4ebe35b1d846abd9a02abfcfea94a797bb452ee87a18027347359e9b5c722815d12b0050a99def873ac2d8fad6c0a1","ssdeep":"48:Yd+VKF/LhzuzSwzotXrz34JHuo/vG/y5QohzaWnhh9fZeMiZ//lFfpo/lH3iXfGz:QCDKCheXFBep3rEboQzr2GM30RvoiRw","tlshash":"6dc1d7214684d0e5e033aeae2b6379e1a55d70af5dce1fd50669ca101ee1733862cfb2","first_seen":"2026-04-21T18:10:22.407565Z","last_seen":"2026-04-21T18:10:22.407565Z","times_seen":1,"resource_available":false,"data":null}},"time_used":924,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":924,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/PdfViewer-D79El9Xj-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/PdfViewer-D79El9Xj-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ie8GJohcRvCfkH61WLwRbtY7Tz34uhbeA%2BOt0Oe5HEWMs%2FQV08GwmXbVpc68bL%2FUzkPASvk3uwW95JRgRsguxIVdJR2GrfYKwJa0UKqOhVND4VERHbr78U0lvk65ipEltw%3D%3D\"}]}\r\netag: W/\"69e18d5c-219cc5\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57605812568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2202821,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"9dceb14a07ed91d98776e06bf64d91ea","sha1":"60e5d72d4c1d459d051ab7a5d8c4665b3fa75ff6","sha256":"16a52f914b634031f7b4f1a97caa256182ab9e072034b6a354e3541c9827b1d7","sha512":"751c6552dd822e8077e324a5de59d2a5b44b3e373e5bc776404ca01fd8d9ae0f73f1bb84833d1905ca9de3dec3c15ac4b5d34420efeb4781526bf157270690ee","ssdeep":"12288:HZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbd:HkpMfCJkPXXq8RqbOt7aFMzC","tlshash":"a1258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-04-21T18:10:22.408492Z","last_seen":"2026-04-21T18:12:11.759792Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2982,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1156,"receive":1826,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Footer-DuAR8kIW-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/Footer-DuAR8kIW-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C8SAelsf3DI35%2FRitl76e%2BdKEE9hIiRgBrR2CU5qCCDt1QkGr9%2B4eiIm7E%2B7MZJVsJP88f39Ik%2BcgBU2G2smtZ3uOFBY8WBqgl7qJ%2F1hNAYLHouFvyZbr7xeSQ0uuYnHXg%3D%3D\"}]}\r\netag: W/\"69e18d5c-2cb9\"\r\ncontent-encoding: br\r\ncf-ray: 9efe576ca953568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11449,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11448)","md5":"123809744f04e3e0719ad621a769dd5c","sha1":"0c1f9c6d73f5128b8b164ec4997b34d1a2dddf1b","sha256":"4318f1a011f3c3dacd2e97035845448bf25e454bc6091d5658007ebed73ca67d","sha512":"ae48f1aa9ab249d5f2db1b11cb5d7eb6b71ff94635724ad6c56e22035b6002c254f469b099171c73877414ba80daf5bd819257b37dc34c99cee5e4119bfeac40","ssdeep":"192:v1vNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:9vvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"65321a057973c9f9c6b784b5b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-04-21T18:10:22.409902Z","last_seen":"2026-04-21T18:12:11.711302Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/icons/ada.svg?v=20260409-assetsfix2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /icons/ada.svg?v=20260409-assetsfix2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 09 Apr 2026 12:42:04 GMT\r\netag: W/\"f23-19d72439160\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1ghKHAiUoUgLQZReGRVaGMuzfBtOGBIrmT3VNnY7d87Ne6e4b1fNz9rqXrVxvpIRQe1FwmutyEebToj8ElEQ1Uj1SG%2FgFdwJNWSTpgyo2rC80TMNFnRnt54jigtkRJTToQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5774cc1c568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":3875,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a429378d9e8284334b85f3d77382503a","sha1":"e08fa81f52301d4e66ddf8d4fd370f9259b595c6","sha256":"db824768c06f9d2e7cfe0c361da4e67eb6106b9d962f4190068b778e7314894e","sha512":"2d98e739c8bb402739ee045d2423e08590d279dd5e74a9210199d2ea9b84081b65683f1948e3ecdfd548d32b0145d2cbb5f6e0cd891af0ea8dbd0531540618a0","ssdeep":"","tlshash":"3e8174c223a0e34dcdc8d55defb1a8d1121b606d75fb64ca9edf8b48204bd8dfa01844","first_seen":"2023-05-09T05:08:14Z","last_seen":"2026-04-21T18:12:11.780606Z","times_seen":188,"resource_available":false,"data":null}},"time_used":868,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":868,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Frame%208-BqAgsyxz.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Frame%208-BqAgsyxz.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 7239\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:23 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937f-1c47\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HaJOf9fTAliflhdZJKvNdRanOAZ8dY4jkqAMq9SyE9j0jDST5WbXhmp2jrRPmul9R%2Bq9z03zmfyrPCBTwdRk3itwsFlg3nz6NnbYI2meMLt7ZkL5rt61YdtBk1awDSke7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57750c6e568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"75a72c4dea3d1c72958d06e43d016c04","sha1":"cf235da5a62609b4906cfd3eca2815d0010e824d","sha256":"fd587397411636272992efc7f82bac757bb590dab7d43397c81c7e8fbed942e6","sha512":"0ddce061afc227f09eb29ef76f8727d4912024661382f43f130594f8215f72890154a2ca9833f6bbc5a73b52ac17b93d242cc6613667e250a97dc064870d00d2","ssdeep":"192:8OShxXd6eltxGINi4o+REDb+riYu04FZwWQnv+wPInRa:+nzduUo+tu0cZInmAAQ","tlshash":"0ee19ef5689448b39a23843608c87f70db655b776fc149a670706a890e3127d66c2bac","first_seen":"2025-08-26T17:46:37.267799Z","last_seen":"2026-04-21T18:21:48.789817Z","times_seen":50,"resource_available":false,"data":null}},"time_used":900,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":900,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Low_1-6m8ONw4C.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Low_1-6m8ONw4C.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 5678\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:28 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69384-162e\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PzVEphfIm9TcJZ%2FAAar5dXMhxyKO7vrUBta8TnEs1eMaNIX2r%2BIBGYQrnzdV3RwIxAgKtZ1532rR5ZLkuks9tf3F%2Fi0r%2F%2B9FpkUI9JUxSo32mn29EVUFd4rwzmCTL6a2cw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57750c73568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"5103c807ea33c534b2710ac6d158b293","sha1":"791ce9f7dab4d0fa9e1c68d9295fdbec555d599c","sha256":"f703e9a83bac8e20f95f9efab361f7d5490d3c1fc71990e0ca7d6b873a7de8f1","sha512":"5af38160b36582ae82b65694d8d559f71c505dc98e0045cafb5dee8674156a373f66e5e0901ed688f6c00767344a6f5c0f6e141ce914c8486c1b3041331bf2b2","ssdeep":"96:8OSaygjX4v9yeCz+ZZ68HHk2fWXp3+YdG2K3yZ178HnxmDZZBnDuS2:8OSco/LZZIwWd39P8HnKDU","tlshash":"4fc18cce55b2d9dcdaa41fb8234560381929e197e010bc02c935bbd42dc4509eeece3f","first_seen":"2025-08-26T17:46:37.287888Z","last_seen":"2026-04-21T18:21:48.828896Z","times_seen":50,"resource_available":false,"data":null}},"time_used":901,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":901,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/kline","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 53\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":53,"data":"{\"symbol\":\"ETHUSDT\",\"interval\":\"ONE_HOUR\",\"limit\":50}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"1876-EPKs/n5G5FVRmcQ0vPaiMGvVu54\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fCjEOaP0gQ%2FSpSKCwBoHZgxUvdMsLcah%2FTO9Suz7pUWImapEGkxHfecwKoZqo4cW7%2BJjdnJXU%2BcZvDPoIMxulV%2B9563HNZkDs4IncpDLfhrK8hy9kZr6Dx6QMxKS%2FxdFlg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775cd6d568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6262,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"cf3e20e3f2767b214841ebd4fb9e1d1a","sha1":"10f2acfe7e46e4555199c434bcf6a2306bd5bb9e","sha256":"4f88443f0251ab40c21b0f036423256bffc15dd216b80ba5f69bed1df9f9d073","sha512":"e1727556d5d8f27dc17171613ae830d5b1a19099523a0e6840f9f97011db417f7e0a98d7da71196883057cfc5ddc843954deafd90fe131a12f007c3235b180b1","ssdeep":"96:KFEDcTjA53Cnm0i2IP4TF3dtMpowY9SZhwo:E8cTw3Cxi2IPgjmpXf","tlshash":"2ad11ea25698e094e133efd22f97bda41d2e7097a9ce0c0582ecdec04df153895687f2","first_seen":"2026-04-21T18:10:22.418003Z","last_seen":"2026-04-21T18:10:22.418003Z","times_seen":1,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"aiinvest-tw.co/ws/a366c9a5-c236-47fa-b166-bd08d499d0b7","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /ws/a366c9a5-c236-47fa-b166-bd08d499d0b7 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://aiinvest-tw.co\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: qSPL1odDDi15rW9ch7JgrA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Tue, 21 Apr 2026 18:09:43 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: lbHaojWrm3kP+sEJagDkNTq1Eu8=\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wymdtJyPN2i%2BjdnWzKCwWF00sdMREji0kjwu5SnW9cxeYHGfIC9yIjAGkWULOS7nNMMg7zil1rQL9knuvwW1fyiv9EKVPVOW4vd%2BgTbzoyJwohyOYt%2BaeHMrcocely885g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9efe575fbc3f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=489\u0026min_rtt=459\u0026rtt_var=182\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2352\u0026recv_bytes=1195\u0026delivery_rate=4859060\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=a1827cbcf3bb81ce\u0026ts=891\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T22:09:25.934933Z","times_seen":14033814,"resource_available":true,"data":null}},"time_used":943,"timings":{"blocked":0,"dns":23,"connect":23,"send":0,"wait":873,"receive":2,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/index-bg4-4HzhR67G.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/index-bg4-4HzhR67G.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aiinvest-tw.co/assets/index-B4CX758G.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 402697\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:25 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69381-62509\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yre0DaDI906HEmiSfTUJihDpm6T6rvdLn870IaKtzNYyKw%2Ft6KxId0Fc3de4Ls4mpm7YSgngBYAmc0cjX0Ynro84JcyFA0oZqlHvRa3kesYm%2F1swkKmxS5e8OWYlmOJcZQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57759d12568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":402697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 605, 8-bit/color RGBA, non-interlaced","md5":"e8d59ec576c7863d0a1634be119a9dd9","sha1":"904d9420707d71bcc8fe96d4bc3efd7bf6788e6c","sha256":"9946dbdc4e1830e4d974e4e2306b02eb2840791ae4fc3bfe803405261e8dffcc","sha512":"d7bb56461ed1d44c529ade4434da8ab75e6aba1771b1d76fe4ab4fd43edcecaecbc0a4fad78399b05d9a68a5df695e51e97e979462ee4c838c0dce1526be9695","ssdeep":"6144:LF22gP1p/A7+eFVOe5FE/FplkZ1CAauYMx7pHdxmDMbMzxMuVV58p3IDzZ:LK/NA5FwlkOArYMpxmDMIzjz5PzZ","tlshash":"338412c483210832ba90ee50b5618990d0282db7b405dd7517c7ff836777ba9ac7da9b","first_seen":"2025-08-26T17:46:37.261835Z","last_seen":"2026-04-21T18:21:48.79245Z","times_seen":38,"resource_available":false,"data":null}},"time_used":2264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1145,"receive":1119,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/remixicon-BVvFtaex.woff2?t=1734404658139","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/remixicon-BVvFtaex.woff2?t=1734404658139 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://aiinvest-tw.co/assets/index-C1YPvleS.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:47 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 176812\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:32 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69388-2b2ac\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wCmkltBHzYwENhBKvSQ8dWouzhgp2%2FATYiJ1xGXheBs6BAuh1CfUivULBqfJIDKjK4%2BVg407KGYYWuQ68ytiSlsyx%2FPEdPaaMOgXTysHZK0hBZMaBnudBrrU86U1EGHxZQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5775fdad568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":176812,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 176812, version 1.0","md5":"9f0118b43f57fc3ea9f55bbfb3a3b185","sha1":"f3ec7500bd2c615bba2de885d46bcaa91c20aa9b","sha256":"7ea90bbc7c505b98dd7d3a089a6fa32067e353150192951cedb05e26820936cf","sha512":"6a17cdb1c39d1638a2e69ac8c9cf15229d9f64ce9026965dd8e8878700994fd1db65f21be31e18a49ec36e0b0ca522d05ab7f3884b21a022d9ccde9795d0baab","ssdeep":"3072:8oI+omjEjOiEHbaa4yYDtZimTAj2QdJohF8EBGWXsL1u:8r+5baa4yYRTw2Q8C48g","tlshash":"300413f0eda0d72cd9c7fc12f48db606aa9c579475f790901bb0fef869ca4a8965c420","first_seen":"2024-12-20T14:28:38.376296Z","last_seen":"2026-04-21T18:21:48.793083Z","times_seen":1641,"resource_available":false,"data":null}},"time_used":1991,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1190,"receive":801,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/SetFundForm.vue_vue_type_script_setup_true_lang-Dn0EOhbI-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:50.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-Dn0EOhbI-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 2\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ih0x11yKyvquyHVWaVpcHkVh52V6KCxgznqnrxYgY7fsIXNrs%2BbjhXUxneLN22gkHudIcgdbvrsxx3X1tcHunwpGHi0G2nuu%2BQk%2F2PzbkJ9onxXFeD2UKON6tB4ODpvG1Q%3D%3D\"}]}\r\netag: W/\"69e18d5c-a7c\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5792cff6568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2684,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2683)","md5":"d22408cb99eb86354a01fd37d613655d","sha1":"b7c2b91d25171761f35bdf8b172e96d7912b9fac","sha256":"dad9ea74f8a32cddf8db432571645e7d6e1d614939b533dae8ff82e5728a4e9e","sha512":"de7a08c0b5f71956f3e5f7bc9bcaa0f761a1c0853132dca01ff5fb08d872d3334d8e514387f196c1cd16bf1e38a62b211913b244bb4b0d3916796ccedb4b3101","ssdeep":"","tlshash":"ba51430d24b2ceff2ac3a238224e6164e0c87fcfd7309759b67d417226c99f52619a55","first_seen":"2026-04-21T18:10:22.426489Z","last_seen":"2026-04-21T18:12:11.70249Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/common/getCoinSecondList","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:41.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/common/getCoinSecondList HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:41 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"11147-hy6qFR1/RtX/SbdRb6J6GBel2qs\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WNV9ZxNnPQu8WSaUBk88yQ7w8BfgSXfTZGUEBCE5dRuOqto30QacEsmNkJtuPTu2X2HktlgSPnb013YQa21E9A6GCcSswzrWfWSAA%2FHAo68eKJ8eydrY1GKvjjVahrrT3w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe57585de7568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":69959,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"014a831a20d3ac6b3eca7d073dad1818","sha1":"872eaa151d7f46d5ff49b7516fa27a1817a5daab","sha256":"2a61348197e0ea8d27fab91e105487422e53f71123651309cebe642e52a624ab","sha512":"3d7680b18a638e3753c23401f9fcc4bf7a42cec798cf3e205c021e8724112bcc7edf085520e7868ec2feac26e2c2ffcdaed5ac535775f440fcc7c58f768746dd","ssdeep":"384:z2ljIoa7nIi6IiwfR+IquIvG8i8Inca0IEVTaIVLIfII5ZJIgSI4ZIGo6IaqI8TP:uCJrdcdV6U8e8KyRoQ8NY3Hgql","tlshash":"08634329a738d1fd9221f2da19da791342ad32d57dcc8e0fd6ee49d122d96b7300be10","first_seen":"2026-04-21T18:10:22.427382Z","last_seen":"2026-04-21T18:10:22.427382Z","times_seen":1,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/notice/list?key=ROLL_NOTICE","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"532-acmB/nLM3j68R7M5A/TxVbw/YdA\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SPeqykLagyVoLRPPTd87nUEsaUTwVRwIsnaJGeAucb3ZnykLYKMnNENNKnmkzxWia9HRHXGRGYwTzCP9x7rIO5bDN4zY%2Bq0KIcSFqIWWymtC6BXIxDCetc7odFBpstn1aQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775ad39568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1330,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"415d98fd0085703fa149931c55c64191","sha1":"69c981fe72ccde3ebc47b33903f4f155bc3f61d0","sha256":"52d086529b9ac5794a17ab9aad25d947dc39b0ccdd0b5e9a7fce1ac1008892c8","sha512":"5dd14af0b9dd85b0b925c2e03c9c91fa0bea50726ed222fc8bd7e5326005d1f0ba683c23f8b3c29da9f55f914d04d1d18f9e6697eaa5410a238535b360769446","ssdeep":"","tlshash":"2221b69f244d1b820943814279917a7c7b9ae10c42134fe65da2ce4c0364bbd4e23685","first_seen":"2026-04-21T18:10:22.42836Z","last_seen":"2026-04-21T18:12:11.755231Z","times_seen":2,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/kline","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 54\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":54,"data":"{\"symbol\":\"DOGEUSDT\",\"interval\":\"ONE_HOUR\",\"limit\":50}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"16d4-/4zJ3OaLsXjalvBJMsfyCumWXI0\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O4j3en77G92MNauzrzKsACqEjIBoBBGrVC5RpHEF%2FBWk%2Fn24PS5Xa7LT6gEPoUY4GITpL078PxCvsbWY3kjdooAZAORnkGGzVjk2IyjlkrMWdJ%2BMHLvT9sAYKNJ8%2BQcKZw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775dd84568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":5844,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d243ccdfe6797724c406b88a621e2504","sha1":"ff8cc9dce68bb178da96f04932c7f20ae9965c8d","sha256":"d1693ddfc6128b0d1b1038688c2d20fdb5090cdad8bd8e40d90966eaa78edc8e","sha512":"65889e4463b413f91b8b299ffe8237d921c37b357bf51d170f2e199e9626345d7c0ce6c010fa23e4ba4af8e9d0f9f4cfa9233ba5d2b992336cb9c804917aa22c","ssdeep":"96:DBj3PQNoJp5axr5zU4+bbCQ7WfKTLCgU/E:DBj3PQNoK5zobbx7+M","tlshash":"06c10ba10e4cd065e4f39ea3af5379a4a51c749a9dcd0f0601ea99086af1733933c7f6","first_seen":"2026-04-21T18:10:22.429279Z","last_seen":"2026-04-21T18:10:22.429279Z","times_seen":1,"resource_available":false,"data":null}},"time_used":969,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":969,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/trading-interface-YvFbDJGl.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/trading-interface-YvFbDJGl.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 450012\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:35 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6938b-6dddc\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eKzmQ7NSKJSg3xp9m8tbNvWRdy%2F1oFCOIHmL5ZIJK6kJ4Z2243v%2BO8QQ7Go2jQMQFUeoZZ67odwo1QR4uoDbQUNzaRgBe1AH75p%2BbR0doOe9yPS3h7a50ZJqmb%2B6maMg1Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774ec3e568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":450012,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1199 x 769, 8-bit/color RGBA, non-interlaced","md5":"8e164653c295a947f0f5f890ace31218","sha1":"ad2b0b6fea992e6c58813ef2bfb054c4bf219343","sha256":"5414a7098f38784b19949671f3764c769fc9ec1cfa53445f6a083c70d40ed42a","sha512":"64866ba82d827f979ab4a565b85993384d54208092322810905b79b8ff869154c051aa081c69a074e16caf93644220f4fdf93108c9ac94d0be84c5d64f1397ce","ssdeep":"12288:z5/ZEt409LPsiceDij3a44IuvoHZt0JAyKsvX4UCQFX6CKb:z0t39Uic4w3aVIuAHZtOKI4VWX6Rb","tlshash":"b5a423d46a8c52d4420fa54146bebca35e188bbeb733e140d4ce90968f89b71462d6ff","first_seen":"2025-11-30T14:17:39.784095Z","last_seen":"2026-04-21T18:21:48.786991Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1603,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":405,"receive":1198,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/common/getUserCoin","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/common/getUserCoin HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 2\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"8321-6jTTIEt7argAjaPIXAmJgJ04GE4\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3lYnaaTk2GNr4hMXY4FwUjzjjtqwOmuD40pieh85GqU0%2FaUVsHEqx6TYZgpe7%2BVZf1lkfSxv%2B6yc34TczqlhbLpGSMXhrYTtcjg9NQKGh8hAGF%2BnLqusSnU55v8ELOkv9w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe57600fa7568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":33569,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7805f8d44ffefdf886956f0b7f6bde7d","sha1":"ea34d3204b7b6ab8008da3c85c0989809d38184e","sha256":"211ebb40aa7d418bcc17bbb5cc47e6bd97ffc700482baf42d7d8ab764fc55049","sha512":"d42c789875d47e5d80d5109231eb23fe8989c4f29d76f2a4dca6ae8dcbf35fdaa2e83c415b5336c8444d70beec321fa9db5f6376de379ffcaedca802f1119fb7","ssdeep":"768:9Ec9yVxaX1IoccMEXZ3f8VjC7OLkfVYkeemiwzJoH4oP:oLkhmu","tlshash":"57e23970110c63aea9075ddd4c732f993cb43e1b1bd9c2c85851aa67f4b7eba128a743","first_seen":"2026-04-21T18:10:22.431022Z","last_seen":"2026-04-21T18:12:11.737114Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1161,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/icons/eth.svg?v=20260409-assetsfix2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /icons/eth.svg?v=20260409-assetsfix2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 09 Apr 2026 12:42:21 GMT\r\netag: W/\"20d-19d7243d3c8\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PIUkPUNbDwjfC6hYY3vk22Z5iUOv1tSswa0Wv5vVJYbt2NBMFITKV0HKehgfmWUcLiKeGnZNDK%2FWZjfbc5%2Fl0RKGkR3rxZL1ty%2FZzKJ5Ol6%2BZQFNELGEd0U0LWhDfITDZA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5774bbf4568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":525,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ed79179a3b6bc2c2ee4c54d8ade79b01","sha1":"14b7148647a28eb4f861f8da283a89f0acf1dec8","sha256":"1f94df8533f61806f7b17eaf9cd28678cdba66e1d82a9ca8f9fb38d35a907e9c","sha512":"590a8fde3f1bcac91ccd4dc2cc02f7ba602cc4b15f137c1f3758bcc5072c545167f7dae4c16837bde366561fd08ffdbfe5a087dee8f7e75feaec9ecc77a2fc8b","ssdeep":"","tlshash":"a5f08be95d287450682b1ffce67c98d3306771f40a3d0cf9b1800512e94995b9cd2b40","first_seen":"2023-05-10T14:51:47Z","last_seen":"2026-04-21T18:12:11.68949Z","times_seen":194,"resource_available":false,"data":null}},"time_used":931,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":931,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/icons/sol.svg?v=20260409-assetsfix2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /icons/sol.svg?v=20260409-assetsfix2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 09 Apr 2026 12:42:48 GMT\r\netag: W/\"24d-19d72443d40\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RiczXcxmBg9nOi5lx0rK2SHwbVlS%2FLT4bIu0xjpYkMW4lgnE4rqf7EU3OwiGJQMxhN49fx2ByG19g6bpewmcC8VP16c9YPoO88D8oPuztITwsvJiXVbpkMc6EM0vI6fGCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5774bbf9568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":589,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8f48b6e8a88f7b0aa4b6598aa7715465","sha1":"93e573e9f1376bf17af2ac11f136c597a5eed82f","sha256":"94e47e7c108a338cc4a79b82673d66cfbadfcf4c934ccb9c2ca8f13e8ea7dbb2","sha512":"0a7981504e74f5fef2b3526fb5be81692c5362e01b17fb49c068a2f2c3744c9cab65562a71d6feb837ac360fe290310e43ae3a83a79ab0e1056f4ec0d6653a89","ssdeep":"","tlshash":"91f046e2a15cf5cee04cdd1a24cfb11238a13047f07be4d0bb892684f88b0c7ba04e64","first_seen":"2024-11-08T20:22:57.120472Z","last_seen":"2026-04-21T18:12:11.782098Z","times_seen":89,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/icons/xrp.svg?v=20260409-assetsfix2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /icons/xrp.svg?v=20260409-assetsfix2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 09 Apr 2026 12:43:00 GMT\r\netag: W/\"18f-19d72446c20\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P6XPiDPoEXDDH7D%2BPoP7ZYT2nUIO5fq4i%2BkBtROwGzVjGI2hv5qhPGvSJ2AoHt2YHLvMVer2ceXFLT1vCexRFVUHvcJNh7Gzo6ljh3PRM98v%2FOkXspPi3ECy1JAfgbl6IA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5774bc05568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":399,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"84ce7542e288e2bf98a4da4dbde2594e","sha1":"e85496f0cf50b2158de788a0d87319e28dc9837b","sha256":"31fe41b6b3a4d98c9b46d7c37d60dea97fa5d9ebbd235ac5bfe23e4fd1eb8361","sha512":"5ab148cf574017486cc40e9f9ab0c94fb8065021114e4c226523c8aaf5ee6c97874c0dffe4dc843223454f1c8a1a94f8189acf2a2e091afe3181257a35bafcea","ssdeep":"","tlshash":"bee0aba935f4d405448a8ea9d52a30802011a11e3159067ab040f619f8a30e72c05ce8","first_seen":"2023-05-09T05:08:14Z","last_seen":"2026-04-21T18:12:11.783716Z","times_seen":240,"resource_available":false,"data":null}},"time_used":872,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":871,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/icons/avax.svg?v=20260409-assetsfix2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /icons/avax.svg?v=20260409-assetsfix2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 09 Apr 2026 12:42:10 GMT\r\netag: W/\"37b-19d7243a8d0\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0nzuGQKyXdzXCm4cidAktUJ7g1t%2B4bDHfiEG%2BwS2YKuDse7El4nc5kbXxJm1Saq9QQ3qaDTENHDI4s6FRdhhugBpjWbh0aKzFgezVODheNpV%2BHfLu5VQVF4yeMrGJE3MzQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5774cc1f568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":891,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b6866726a46aed0146734cc1fbb614c1","sha1":"11c64b2e0c7b671d44f1276a0da6263b19d4605e","sha256":"95cf2aa72897c349695944c02f285630be4f9feffae91c138c552ad9112ea5de","sha512":"3de05c6bccbdd6b42fa37e1e22fb3ac0b81b0fcaae39763607dbc0714be40295360416af0f9a3d973fb326cbefd542abeb51f69cb521230833402d51f4934dea","ssdeep":"","tlshash":"0f1140d6276065ace8ddd57eeb35798004ab70ae78e3808023c59706f51b99fbd1c860","first_seen":"2025-08-11T15:48:41.078071Z","last_seen":"2026-04-21T18:12:11.787796Z","times_seen":34,"resource_available":false,"data":null}},"time_used":892,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":892,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/index-BCHv3Sqr.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/index-BCHv3Sqr.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CRttcUZnVQajEb2%2FT3H2Hwe3bjuDIuAcBjdUmbuqArDUEJniWRSbv6rmGbGQz%2B6LtzMXql40v1CuQEqAivz%2BAs8PiZ64P%2BW1LDe8UTmdYpPxifLcPhSZi4igVdVLoaQTrA%3D%3D\"}]}\r\netag: W/\"69e18d5c-7a0\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e4e568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1952,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1951)","md5":"676041008d173e2b5c50bf5f2352fd3d","sha1":"4af253b1a90f4c8725cbddde15614ef29ea5e856","sha256":"514c3774f9b923984b2bd7c1edda1b9b4a48569786e46456fab2eece128dc3c3","sha512":"936514f1547865c3c2a3ba837c85339cf54c406f5ebf575a4cbe577c4a1e795896d7d4fe44cf5c5a5bec28fc394e806dc21fe65d59bbbe6fa663427cf88fee62","ssdeep":"","tlshash":"aa4111f2a299128d33f79c30c596a22d422995c3e7910adc725f766cabc3bda2d74018","first_seen":"2026-03-19T19:44:46.46353Z","last_seen":"2026-04-21T18:12:11.775254Z","times_seen":5,"resource_available":false,"data":null}},"time_used":902,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":902,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/crypto4-C1r0vD33.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/crypto4-C1r0vD33.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 19381\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:22 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937e-4bb5\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4sn%2Bvqza5LmMkPbCGMFTLnmAC5OVI3cjIuzENvjWzSDC4eqyfWE%2FAVulBSHNjT4M9GPXsNpxqPmTn0%2BBnAE71cslScf4ISK0QaVDZ79eJdA4rjML89Pk%2BJ8eYQtBQvt84Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774dc36568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19381,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d067618d9d6147cf94031dc7b0e54f34","sha1":"9eac76e72b792627e4262bb3c3349b9a95e76a14","sha256":"51e7de570156dd0d9f5be2aea42306c4e0d810e2f5031ccff71f7a2b7707bfeb","sha512":"1cfbdb4d59b63b7508ddfde9cf307fbbbcc21c9eebcb17d05b5a52c0689acf9a6c5cdf75138ab87ae4d2eac26f12834fc4c4e0e23e94bcdd489b53264a93ce43","ssdeep":"384:SYrMlXfj/ycORUUZpYLOsa70OEU1pKfX9jLKAd6NL3UvOfaDYMAG3eQKRD0:OvmuUZgjatEU7KFjLD6NLasbG3eQKRD0","tlshash":"7692d14cf04b18795a05a41f191ad42bbd1ede7ce81b0123dade0d7945cfbdd9a44348","first_seen":"2025-08-26T17:46:37.293947Z","last_seen":"2026-04-21T18:21:48.795134Z","times_seen":53,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":364,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/common/getCoinContractList","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/common/getCoinContractList HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"11143-HUNY4A8SwdScUED2Vb92CxK77AY\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C5yWPFP6bxTqX2PAc09Lqw35v4viRLWVIdPPOWgM6la9hZvSAHIDrgV%2FgHbaLl3vRDUaCJNbIABpVPTESD5erAwIFDgvUcgn7FtB6il9nxbqcM0I9F3U3TmHlR%2B31J5%2Fug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5762fbd8568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":69955,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"43f2ef31f7bc12acaaf6ae452690db1b","sha1":"1d4358e00f12c1d49c5040f655bf760b12bbec06","sha256":"9e3820a96b3a464dc6ebf140d64542cf1b83f035d46cd7fe7da5086fe72316ce","sha512":"3d9e422212402b7ea9f9c35d6f6e5f4a533af14efeb75e6feb3a0919405b5946949c8bb88624084ced3e224e28ab9cb61c20693c2a5ccd7dcee8ef8f74ec4915","ssdeep":"384:a2ljIoa7nIi6IiwfR+IquIvG8i8Inca0IEVTaIVLIfII5ZJIgSI4ZIGo6IaqI8Ta:bCJrdcdV6U8e90Kk1D8NYWHgGl","tlshash":"c3634329a738d1fd9221f2e619da791342ad32d57dcc8e0fd6ee49d122d96b7300be10","first_seen":"2026-04-21T18:10:22.435386Z","last_seen":"2026-04-21T18:10:22.435386Z","times_seen":1,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":336,"receive":121,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/tech02-fCe8e4gN.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/tech02-fCe8e4gN.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 5630\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:34 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6938a-15fe\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tc6D7yfL75clnHbXlEFtaQ7xx3NQgh1lMV4ee%2B5gzrq0IyDHhqDyXs%2F1W7i3zPqpJXBVM8QZmh9GwjX3kW24tBnZCvOH%2FmwQu1JmLd99Zdzm%2FCPKFJuHJZ0O2x0sUDuvKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774dc2b568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"9f0f4960f780ae1e5e85227bbe3383bb","sha1":"f8ee4ead676d1560556168f55b35d53fe32a6d41","sha256":"7cae8a74bc918d12efb430f71dd41d15d06ff373a260547749045449ef9f241d","sha512":"cb7b17a623bea5b449df7a2c0b27ce3e9f8040b3d51bf0be975a798349085e09ed86be8911600ed54a2aa48c11dcc64987c2d1e625560df781108a7afa4e8bc7","ssdeep":"96:A4+Vq+5u/C6+xiKXdoPS2bcPvnGSzKHRe4YebiR0u0tsroQiWcUU9+82gCUuSq48:A4+OKXcSfn7zKHR1YegwscQiUU9+vgCR","tlshash":"d6c18e4e24bdb9424820166045f90171d8aeef522a2f61189b61078ce9983fff5adbdc","first_seen":"2025-08-26T17:46:37.297934Z","last_seen":"2026-04-21T18:21:48.808661Z","times_seen":38,"resource_available":false,"data":null}},"time_used":879,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":879,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/crypto-CzKJroU0.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/crypto-CzKJroU0.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 39738\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:21 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937d-9b3a\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oh1gysW%2FrrEoNfcqsPLvZjC%2FaiTGCUTWAQnjp5g8Aw5vg3IkSNm%2BA2aKYN9XAu%2BN6uCoWAPzwIb%2F9JtLmnpNEaQJrxbYJgkBne7lgQBEj9eO%2FujCSZwsN4VR1T1nXPMGNQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774dc31568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d96f714646b573194b60928d259b4aa2","sha1":"6094806144be7f313efb1d6ce0394e2e1c916e8c","sha256":"f9dad38264fde116c4af1ca31c4f4e5853c22ff612c5aa1356fa788030fd3e56","sha512":"5bc291929ae2da85c57678debf71e608ef311660ff9030eeba1f254470ee822bbcf6347054399e30a4dda40829222cd69314bd0b87236c34fce12b36325bf234","ssdeep":"768:/uuO/MIYxLYmYAaEJCQgwW6scjj+189Qlf3AqpNabUesRt+HPi0:/ZO/MIYxLYfZEFgwRZvY8K5hpM60","tlshash":"2403f273f51364e85cb0e3ddbc8a7299647e91361ba148508411788f563cdb43fb64b9","first_seen":"2025-08-26T17:46:37.250301Z","last_seen":"2026-04-21T18:21:48.832087Z","times_seen":53,"resource_available":false,"data":null}},"time_used":1361,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1203,"receive":158,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/kline","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 53\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":53,"data":"{\"symbol\":\"XRPUSDT\",\"interval\":\"ONE_HOUR\",\"limit\":50}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"169b-JTBqQr9W4oBtmK27/ZeEp79t+mM\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lT0CLJjYexYIedPEB6H%2BNSh40dHUUZ%2FDKkLBYx6jVhnLkm%2FUcuWSgPhRbifuVKPRJlMCZVlV%2F953XOYzGa9xpvweOV%2Fh5v2lMNQ6tNnnk57dRclA%2FP0L0YxqoG7c456r%2FA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775dd7b568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5787,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"37d2376042b692b81bd714abe8d58a03","sha1":"25306a42bf56e2806d98adbbfd9784a7bf6dfa63","sha256":"49d5ae7ec969767c5c3d15a8a9a8d6e50ee241ee45b61b0723113736930c009d","sha512":"812d245116ee6511e0e153ff7c3904b070e442b221c0b5bbeb83aa345aa67d7d93a72e392f5bba11ee8547a9737fc702a1fb27a8edced4bd557c6802fd980373","ssdeep":"48:Yd+7XfBafzFz8BzT//LStfpfxFcal8sVdtBqa5PlhafQUOfsQIf5kjbCnIQVRCU8:HGh8lytBpLrV5WCCJIcEf+5bnXpxeSrg","tlshash":"22c1b6632659e064e033dea23b577da99a1d70879dcf0f09029c5a004ee0633f66d7f1","first_seen":"2026-04-21T18:10:22.438059Z","last_seen":"2026-04-21T18:10:22.438059Z","times_seen":1,"resource_available":false,"data":null}},"time_used":968,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":968,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/uploads/aiinvest-logo.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:46.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /uploads/aiinvest-logo.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 4782\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 17 Apr 2026 01:45:40 GMT\r\netag: W/\"12ae-19d991d7f5a\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dPOgWuWcM30TXYEWW7oqLUi1tkOPXeg6OChzX%2BjbCflmnXQM5GbphU0Ei8d9fM%2BzsUVxNvL87SRot3OT7P6DYmoOcaP3CRVAyLskffiuyzgbZORrfZ3qyY65%2BwhUq3IL%2BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5776ceb6568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"9b3b62a4c46e1dc2286c735a3a2410f8","sha1":"db9b6441a3e110d34631bf1f1306129201a677c2","sha256":"0bbec2a12f871907035ab243cccd9965661911990f55b5c56eb0f36666cc44de","sha512":"9dead447d08a4b053cf3220a491ae98bc5645ce6aa9d53e71a1521b7c6db1d87370c1f425849599e90ca23ffc8737ce7498b0ad5f7003203e5b2587213090351","ssdeep":"96:7sgbhbf0jcGgNNtt54Sp/uLN4wZHI9NLrZLH1q8lP6zQE8tkGAwJ6VMoPC:XbpMYN/0Sp/uL3o9NfZDjlPgEUwJ6VMD","tlshash":"5da14b369674ee617dc2623dba89cfa3aae7da4087d48593c494fb8f0928e021461e51","first_seen":"2026-04-21T18:10:22.438912Z","last_seen":"2026-04-21T18:12:11.746538Z","times_seen":2,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":869,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-rRNhicZU-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-rRNhicZU-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w3%2B3Ps3JrIHPRK83AFLlE6edNQlVRiOzrNArR2RlMRolAlROzInAguLttvn9ej4c3u4PaFcZdJCzfPS6Ll%2BdEtp9Ws6F8sKEx1dixWKKpgqVpwnpB2ApH52T4pz4ChmhFg%3D%3D\"}]}\r\netag: W/\"69e18d5c-cae\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e5a568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3246,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3245)","md5":"0db5c230bc6be5b2f8f2e27cfff5be86","sha1":"18f1c93d73924e9584e907738fe685e5d5517c32","sha256":"d30412de4012106a6f1b0a970a81e9d7e41729605352534b37d050f62f1da4fc","sha512":"a7547a2da77efcadf07ac17dee4527c89275d28c0aa3870cffbfa57be14a1fbc70f32bf7e82bea6e8d7132caac80cb5e26b5088ecd881e28aa0b2bc0eaa53f98","ssdeep":"","tlshash":"be61a7d978b7f02087b548ee507b0636e23937592408d0d4e01fcd8a3934d6aa2a7e25","first_seen":"2026-04-21T18:10:22.439879Z","last_seen":"2026-04-21T18:12:11.673462Z","times_seen":2,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-Cprivexq-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-Cprivexq-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jFZTbfeTDarhe0yzWl%2BbRVx4WDb6cmWQbK9FYSL4eLdE6CLcyprtrZAhuS16Pnj4m908A9Gl7lhb8x4WoBllA4MJWtBnQchW8OrWLC0IdTDIy5JxtC4cRxfzARWh%2F2kDeg%3D%3D\"}]}\r\netag: W/\"69e18d5c-2a54e\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57604feb568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":173390,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"cf823539278a9e16cdc7425568d7adc4","sha1":"4168c95da429a6d0ac5a9c3a49cdeab851d0a1b7","sha256":"23f62a9e69cbd2898abe28a6a9ee6415ed052cac3d40e4b3aba1c7ec6f2e50c7","sha512":"22a180997d3cfcd43a95aeedb470bf7d697f915e321b7361c67b8f32bdeebaa6f4b8a9b65cac8dc71cc72fdc3464146697e27080ba17e745072b1285c7a322ce","ssdeep":"1536:V9R8W1dTRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:HRhdjTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"de048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-04-21T18:10:22.440756Z","last_seen":"2026-04-21T18:12:11.74875Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1928,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1164,"receive":764,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/ArticleViewer-Bc3iNfxN-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/ArticleViewer-Bc3iNfxN-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pNclblI2C%2FqG7%2BPOBLZRSCkPqP3A3Cj9biAD8dAn4DiRxFK4DWMMOLiuL8P%2BOGp37aXeQ98ElxiUhQRBpEC84xLOaNlZmwU8EhRzcvVL4p4xYJJUidUDbv%2BUnxGAOO4Nqg%3D%3D\"}]}\r\netag: W/\"69e18d5c-96e\"\r\ncontent-encoding: br\r\ncf-ray: 9efe576ca95f568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2414,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2413)","md5":"594476543ac016ad2c332c145632b099","sha1":"acb47466cae7d63466babde56bc5e421d24facdc","sha256":"8ab5e4adb3ab9fab22c948198568a1fe28647c91ca0be6977a4a9d2dae3a6f12","sha512":"fead0a8fef4e162909339700aac52f5bd45c05e43b1a1cdcaa58eb5959569e02167c1650e7a7201877a271948cadc6132e565f0163036fa8649f50c22f818c0d","ssdeep":"","tlshash":"7b41949c2076cfb896f38339a58ad6549044bbcbd7118a89727e582a2fc0eb17a5c304","first_seen":"2026-04-21T18:10:22.44183Z","last_seen":"2026-04-21T18:12:11.716272Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/icons/btc.svg?v=20260409-assetsfix2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /icons/btc.svg?v=20260409-assetsfix2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 09 Apr 2026 12:42:13 GMT\r\netag: W/\"3b9-19d7243b488\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GV9IFK1FajsqGVIpcUkwC%2Bv6tnv%2BGIU%2F2mYY%2BUpDHtPkwITbBGr0lbE3dtAiyIMg2QSW0rZoLmAc0NFfTqesonOGXsZfdCADRWTJifjoYMg%2BGjUVJCG%2BP18qk2l4dSMpYg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5774abe9568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":953,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"edae64fcb50f425e582a9a1429784b70","sha1":"cdcd71434b3e179f57627bda3625ae61240715c3","sha256":"5a8131ecdf855b12cb56080aeeeefea266976529c45b2d58c284a13b7519f4ca","sha512":"8313b5900bbb90d04597b74d7bed7cd1c4cf9c52718a939eb996e531e37b74dc55ba787171eec6cbecbc524bae28cce5376065324dab6b5f8c1ce250ecc5c964","ssdeep":"","tlshash":"511154de16749548699f8d2cff2bbc463012f1bcd52e9ce49aff6d4470c2ae13140914","first_seen":"2023-07-08T18:24:36Z","last_seen":"2026-04-21T18:12:11.78713Z","times_seen":212,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Low_2-BPxk_UPI.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Low_2-BPxk_UPI.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 9398\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:29 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69385-24b6\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s2pbIQSKnyQlv3DQidjv3g5tDWQoPPWKHpU3zktKIm9DmfW%2F9%2FjEH%2BYHGKUclwCPjYO7PiQursPKgDvMuMkPTU80A7BPPJ0i9XyyEGTnNqDBmwbAZgfwFwox9%2FDRlyGqRA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57750c76568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"ce19171ad2413080ac589384fcdd4a01","sha1":"7b7da4a5cc5aeb1b1f10266de0edb0bacc2fdc30","sha256":"68582f4a49950d5778e05957baddfb31bc321607dfc5af01c519cb84f87ec0a7","sha512":"4282b94584460f26d89f307072438f1c29b017c81d4a5d3cef14d06e839a2953e304c8f3447907bcea56f84c0b2b87d4972405bb04da530de1a360865c579b44","ssdeep":"192:4S+V2BSNF7kJS4V2yFaVkIghjKpg3UhUyBL1xWczVDF7Tqxwyvgajoto:/wyM7kwbW6JkWUyIUDwqo","tlshash":"9312b00bbc2b7d3b7211f80944cc37a51c1ab8bd05ad839188b576951adee58d7e3ec1","first_seen":"2025-08-26T17:46:37.214917Z","last_seen":"2026-04-21T18:21:48.81371Z","times_seen":50,"resource_available":false,"data":null}},"time_used":886,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":885,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/kline","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 53\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":53,"data":"{\"symbol\":\"BNBUSDT\",\"interval\":\"ONE_HOUR\",\"limit\":50}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"179e-DffiBe1atFRKigefcHHaM1YRhWY\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IQZgThqLkXSEjxR%2FCNLxnER3EM2%2FPIbuqP15b0ow5xMJyPLWv5zhGXlw3hKVcAArTjWMfgFP%2FFJ8DypnGnYWiLHnew%2BS3ZN6raRTkJLS30kRkMSXWpkZjsMEHnjUXexkGQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775dd77568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6046,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"da1b1bd62538f394a71a9bc4b2da9987","sha1":"0df7e205ed5ab4544a8a079f7071da3356118566","sha256":"e3feb28e8bb71ff0f678cddf1be05849bf3b551db09db4267a45e443cf48f1b0","sha512":"cd40d834b2a62c31262dca7d13415430d64f282e66748902d86595e1a541be72a63ed5bd178eb08e8592eacd70113969d50bfecbff8893244e259ad2b518c9f1","ssdeep":"48:Yd+5E8fwgz9zVztdxZwbxsXN59GNzfydxc8saPTJqhAXhKr2XnrtY7f4x5xbd0rz:dlrpxtdxa2XCkfzlHlKBUZLYzCjZ2Yc","tlshash":"96c13c275a88d155e033eda26f93bca41d2dbcd7bace0c3912d89f104de163486687f2","first_seen":"2026-04-21T18:10:22.443583Z","last_seen":"2026-04-21T18:10:22.443583Z","times_seen":1,"resource_available":false,"data":null}},"time_used":978,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":978,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-ZroyYXz3-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:50.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-ZroyYXz3-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 2\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FOdsWkHjFjC6rKV6JDn5fSxIdrqSSCcS8KarJpdk29EMooZ7%2B%2FZ01xY%2B5Si5%2FzswgZhIV7C0cCVGHRrhhDQXfp7lW%2FZ%2B9qrq2YVGhbYCLU4zFG3V3D4ZFHjyAWpR1D3v%2Bg%3D%3D\"}]}\r\netag: W/\"69e18d5c-5f1\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5792bfe4568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1521,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1520)","md5":"f6663fd3b0bb85e3ab345b7fe697fb68","sha1":"af6fc72189184d9cb9e46b117a422aa8568ae326","sha256":"516fd516183fb68fe521ae71d1c5cc591500b191d236dad61d8e39195e813622","sha512":"9ea86da22b13cc4289f63053217c369bef34d518b9b8310c2f8f210d5ec22c55b62c9a59b8882bf4fe26ec4a9a1258e95a5b6da2ea96adf9bba6e9a22ee3f0f4","ssdeep":"","tlshash":"bd31420d9073cbbc95a391391b4a2168d2847fdada708bccf36c14723aca9b7592c640","first_seen":"2026-04-21T18:10:22.444504Z","last_seen":"2026-04-21T18:12:11.68025Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-rRNhicZU-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:50.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-rRNhicZU-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 2\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2OuODb08g0rxdH1Fo%2F0c9vydlz83Untwr2nPhdjHYFkB0%2BaKdxMgY%2FUpnytdFdQV4xzwnI5pZFKzAUKFMPFv6UvCLyXrZ%2BWqi9Zl2YMLJILgRy%2BHL1a90sIdGzBX5GIM8Q%3D%3D\"}]}\r\netag: W/\"69e18d5c-cae\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5792bfee568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3246,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3245)","md5":"0db5c230bc6be5b2f8f2e27cfff5be86","sha1":"18f1c93d73924e9584e907738fe685e5d5517c32","sha256":"d30412de4012106a6f1b0a970a81e9d7e41729605352534b37d050f62f1da4fc","sha512":"a7547a2da77efcadf07ac17dee4527c89275d28c0aa3870cffbfa57be14a1fbc70f32bf7e82bea6e8d7132caac80cb5e26b5088ecd881e28aa0b2bc0eaa53f98","ssdeep":"","tlshash":"be61a7d978b7f02087b548ee507b0636e23937592408d0d4e01fcd8a3934d6aa2a7e25","first_seen":"2026-04-21T18:10:22.439879Z","last_seen":"2026-04-21T18:12:11.673462Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/ArticleViewer-Bc3iNfxN-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/ArticleViewer-Bc3iNfxN-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Meqs7hq2pIfvk6ltfu4gbC%2FWyiVY4Uu6WTDXCzP%2FBREnlZemlW%2BJhXMrPq6UL%2FOPyLqYD%2FrgjkFqfwx9u73iws65GkHn8%2FBTRYaMgaVaRgDI4p1NDTI%2FpnIggK4RJyLy5A%3D%3D\"}]}\r\netag: W/\"69e18d5c-96e\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57604800568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2414,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2413)","md5":"594476543ac016ad2c332c145632b099","sha1":"acb47466cae7d63466babde56bc5e421d24facdc","sha256":"8ab5e4adb3ab9fab22c948198568a1fe28647c91ca0be6977a4a9d2dae3a6f12","sha512":"fead0a8fef4e162909339700aac52f5bd45c05e43b1a1cdcaa58eb5959569e02167c1650e7a7201877a271948cadc6132e565f0163036fa8649f50c22f818c0d","ssdeep":"","tlshash":"7b41949c2076cfb896f38339a58ad6549044bbcbd7118a89727e582a2fc0eb17a5c304","first_seen":"2026-04-21T18:10:22.44183Z","last_seen":"2026-04-21T18:12:11.716272Z","times_seen":2,"resource_available":true,"data":null}},"time_used":873,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":873,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/login-bg-CtTnvaIr-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YBAXsQxcqHf%2Fr%2FlWjy19P79qw1C7pA0R3AdCqHeyeZhVLuspxyy%2FD2dVnWkhUZhRV2lTgV8IXgh2beBptz4d52D0QW6xiY2b0S2vQLBO4xta2ZZbPw7okZ1pxJqFaUO5aw%3D%3D\"}]}\r\netag: W/\"69e18d5c-5b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783ddf6568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-04-21T18:21:48.806487Z","times_seen":35,"resource_available":true,"data":null}},"time_used":898,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":898,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/loan-RS8PKRPW-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/loan-RS8PKRPW-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uBZwb7yV99kW0MDGgbaI7FLI%2Fe0WnRk%2Bv5aKWeKUGdlcToYeQq1RARTWdENgfKerBnxxucd3liwEFstrZ5NPDYEB6q1HwYRVTabID5BbXcPImaXESUryTEAfwuCvD60Bjw%3D%3D\"}]}\r\netag: W/\"69e18d5c-24f\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e55568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":591,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (590)","md5":"b07e5624d6c3e7957e21d7809e702ccc","sha1":"0295aeea63db4516de56f65a16d18410e6f54971","sha256":"a98840509eb0fa5c2cc36e4d3bbd8a014c3e3e693be655acbaf1ea89b7a58d73","sha512":"480ab9135b355364ec7559c3eb52a727c1ce85d978b9fe40e6ba9df275749001835b199aa42f9b9cd4db80a457dd18a479073dba649755a1ba75172b516e3419","ssdeep":"","tlshash":"6ff0c8dabd079a7f9135d22930923d02b43b9a31def614702f2ad4678b2c089675a941","first_seen":"2026-04-21T18:10:22.445281Z","last_seen":"2026-04-21T18:12:11.758574Z","times_seen":2,"resource_available":true,"data":null}},"time_used":873,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":873,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Footer-kqO8xzJ8.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Footer-kqO8xzJ8.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ylQ2Fz1FxEmgPzHbZulmqeInXxfKOBXfzmwd1KmMvZV5coSuEEWCn%2BJgFKOZNf%2Bk2o1AMVYN1OCZq3wmQcRZZOgFfPswIlJtkcPYQUhzO4N%2F9qL9IzYpOnzR1YmMasMWZw%3D%3D\"}]}\r\netag: W/\"69e18d5c-60\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57603fe3568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f2d8db841ee2cccba46a4846bb383b9b","sha1":"21ec1dc977ba6ee4b0fe0a042add8ff45f05ce42","sha256":"8b180be1698077bebaaf6beb91aa095652e82bdb700bb511b126055be7e155ed","sha512":"746edcc3f53af777995441974d93a876940ffe4fec86613f9f14d3801a2f9e7d0811f7d9ed5ecc3fb6525ae957665a71e779b3b391dd0435daad7586389ee8e4","ssdeep":"","tlshash":"69b0127030ef5567744f62b93015a2308159c106d3051e0c353c62fe39d20001157296","first_seen":"2025-10-10T02:51:18.076622Z","last_seen":"2026-04-21T18:21:48.829554Z","times_seen":35,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":864,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Low_3-CoMiX5LU.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Low_3-CoMiX5LU.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 7584\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:29 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69385-1da0\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dJbfMWomo4ahIVuGLTkJI%2BW%2FvA6zQG47r8uPpboIfmlQFwKXMl2zuxFDu6jB3lCTeBFi0wXRUOuM0Xf4trsX99ByKxNXWfJ8ApuinXlLNfXNBNcMd2pxsJ%2FdoZp%2BkoPNlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57750c77568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7584,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"a8b00a7e3bf2f70c8c4887d24abe8b51","sha1":"92ce419cdd7ab6e8d8e7bc05500761fbd08eaa9a","sha256":"8f98a9cc45245fbac829f6a93e5e24c3c5e3703ce68eb080d4c9421c297dee2d","sha512":"9db0c799a8dc0e938d327e0c20f3cb3cb98d3260668705dda23fb04e73efe9278988f6499b2f96df201da432efb01a8b5ae44efe08195914b02479dfe70bdc23","ssdeep":"192:8OSF296sDSSaQ+8CQ2twPskLuqpZ+DJ72iUyoutP3QB:+I6OSZs2tnkniYiUyo2E","tlshash":"c7f1b0d7a5e96df1f736311988dcd2037f0fb258a6a00a66f5039a84e7f450c870f061","first_seen":"2025-08-26T17:46:37.283171Z","last_seen":"2026-04-21T18:21:48.786234Z","times_seen":50,"resource_available":false,"data":null}},"time_used":890,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":890,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/filters-CVVMcBXU-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:50.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/filters-CVVMcBXU-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 2\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gA9hegblNChOE9QrQE569yberD2HWeC%2Btp1TieMNtH2t5y0Jvv%2FTxudO2liME%2BvRZgx2lJ6VUyyc9u6vZjR4MnOppFF%2FolR8ReRP9r33DRIJ2HN2gMuSbltDdmjr3IJGSg%3D%3D\"}]}\r\netag: W/\"69e18d5c-421\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5792bff0568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1057,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1056)","md5":"959f10848aa622ea30be381c5a450482","sha1":"92f36636b5bd6a081e17f282a739faacd4ff12fd","sha256":"7ca9403b3059b7a30b08bf2b54e1bb78b22146ce1334b25481f904efee320cf5","sha512":"e5d43811510e475b63c3aabc470ff631b8bfb3d00c9453f4f8bdfb8e4ec292e814ce16609b6ccb19602fbffd877dd75c298f42bee60e8049640ca00124ca71c4","ssdeep":"","tlshash":"1f118ba995c6c67b02fb88c9514e418768e87f78b00e4b62b974f1123561091f4be393","first_seen":"2026-04-21T18:10:22.447587Z","last_seen":"2026-04-21T18:12:11.751735Z","times_seen":2,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/CookieConsent-lvFV90Wy-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/CookieConsent-lvFV90Wy-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OWD48cwMxnTrGIhWXYsVKiK%2ByTZIMa4Q5DXw8RNNr9D77QAojg6%2B72EuYx16W9QlnXrW8X2dZ7XTDvFWnN9sLN%2B4zQlbCTwXIHtMvc6PbI1l27EjJGAlc5npssViFLpB9g%3D%3D\"}]}\r\netag: W/\"69e18d5c-7fbb\"\r\ncontent-encoding: br\r\ncf-ray: 9efe576c994f568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32699,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28866)","md5":"c7945ff3ea9c72015d697fc4481ee50e","sha1":"f368fca4f46948042ab8ef88ead871d933ecadf9","sha256":"cbe238fb8fa63f1e4dea377ad0f56e2eb6835c57c209ab5e9ed6abd90e651905","sha512":"8a5d9082344f172c45f1e3e02e74d1b4a3765e5a10bd23bc31d237780f0b66784077697dee1c520bd37e52f5bee3d4fcee55e138d860f1f783a0bc47285469bb","ssdeep":"768:jr5jgT5ISSBGZo4mrwrS0yIpdmjriD0PbnPex4:CeVsmrwbpdeioX","tlshash":"a0e25c05e806eeb9d7f31634744a7168a4387fdac25ac479a3bd85232bc9f728763314","first_seen":"2026-04-21T18:10:22.393321Z","last_seen":"2026-04-21T18:12:11.767813Z","times_seen":2,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Frame%204-BZFoet9Q.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Frame%204-BZFoet9Q.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 5729\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:23 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937f-1661\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hsRPDCm3k06ENxEdDlHbZzcWMJo61%2BIXInu9d%2BMRp8cdTYQlsv5%2Fc%2BOKHIg9WCfnjg3Sr0P1Z7qBYyMDXL%2BkfsijuLBZYPqCuyT16AwQIBWT5f%2B8s9VgHsmE%2Ba%2B84lLU4w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57750c69568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5729,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"c3db4e6b3340b588b927ecd0c523b863","sha1":"c2809f25a9992e45976739f32f2e9cab161ea7df","sha256":"46350bd8be7e27ea772bdf49836ce87165677e03ef1386f4660e01564dd42150","sha512":"3911815d12f41f1fc178e72f8a33ea8f9c481612f4c62a35c3a6a4cedf050d97cdfe8c31c8639e40c133b3a94a7e3270a3c983a54a734aff2951d6362e90fcb0","ssdeep":"96:8OSquQsKe1aEHC7jPd6PP4UF9Fmk5GZZu+khzgHkAu+Wg2u6:8OSqO9kc1NuofAu+Xp6","tlshash":"f6c1aec532f1afabd84b0c3490d67ec763ee8a5591768e0bb325a093e02e8e0120d875","first_seen":"2025-08-26T17:46:37.288981Z","last_seen":"2026-04-21T18:21:48.827625Z","times_seen":50,"resource_available":false,"data":null}},"time_used":881,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":867,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/starslist-YIJi42t6.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/starslist-YIJi42t6.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 22173\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:34 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6938a-569d\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y%2F6cNG4wDiibFgdbcxKV%2FDODCEe%2FC4Tphd8z1Moth4qXOZmR9FoYJIh%2Fx0rkTHOhSr6BH1%2BYw1cnkD0ChQg3KSEPj2W2pik1%2BzuFcAs4iOG6g6ET5ypoouMMxi%2FmYRl80w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57752ca4568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2148 x 417, 8-bit/color RGBA, non-interlaced","md5":"78382c82dad9a7dd50655f44fb82f743","sha1":"5cb4a13ba952deeec34e3c4a5f0a1a424efb1cd1","sha256":"3bb15b8fd045ea090c833d5cdce05e097a4f9556f1a74b69232968b505895609","sha512":"f2297ebeeb0a47f59cd03b6b6079b3ad6c54aa1d585416a38ba5220a0a3a34b64a63f70b28460c34739441ba5237dfc5f560adcbdb00cceb83e5508197f687f2","ssdeep":"384:JojM6hkS9bZoCrjbih/rDyNRNMlOuDZ5lxYYWZLesJeDQu:YRN3iZrg3KOoZxqODQu","tlshash":"7ca2c01a9a5eecb1f92cf0313a834d30e9694452bde0c339b542c105feab4bc86b61a5","first_seen":"2024-12-26T23:29:40.083923Z","last_seen":"2026-04-21T18:21:48.819991Z","times_seen":38,"resource_available":false,"data":null}},"time_used":1580,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1541,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/platform/likefire/favicon.ico","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:40.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /platform/likefire/favicon.ico HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:42 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Apr 2026 22:44:53 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gUePTy71ukr6L3P5mIJVTTnPYIx6cykC%2Bbut6Fnll6wr1eeStQfbzpK8IZGh1Ijkv9n5oSgePk4ajcABh1u2m1gSb8QQmkynecArQy2kTXjdN7%2FUjXlPiZFfHS9L9DpSQQ%3D%3D\"}]}\r\netag: W/\"69d97d65-3aee\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57565b27568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"40cce633480528e19e18f9e4e88d596b","sha1":"fcf56e6f3fadfc7eae6f8b624cc9273cc29247ce","sha256":"d9444ad840fed0be6d4577aa8562fbf8c40ff4971d03b160c143f9f610f385fd","sha512":"af37e3736f62cac44dc342db1050bef1dc2132ac524a57233600783b6239c90c8ff91cfa9f658294ab486351b70a4059f9c701202494de77490158d436e9b980","ssdeep":"48:jYwKorD6TPugMrKNS9qF+gt24PhFyYAQAtiVLRmLqCrMTr4ElJsSFv6/+d:0gaIeQCEbtYXqElJBbd","tlshash":"6c6248016ac08e0cf5a34b76dc8cc7a40d0f6e3e9ba0a467b5d07e5fe9b115804223bd","first_seen":"2026-04-21T18:10:22.44994Z","last_seen":"2026-04-21T18:10:22.44994Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1166,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/cssCalculate-G7yYGhEz-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/cssCalculate-G7yYGhEz-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F0LJZmE9iFHRk17Yaob3Wt6yTKUpWqQOb8hQHYiGsL2ORDJZ798p0kS5b7YYlwVOXnIzVDg4hUs2YAJbiO8XCwzTIXcNWuZmklT%2Biri5uesQzQiApJuFg8rGlQWMaeMN%2FA%3D%3D\"}]}\r\netag: W/\"69e18d5c-318\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57604ff0568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":792,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (791)","md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-04-21T18:21:48.811528Z","times_seen":35,"resource_available":true,"data":null}},"time_used":887,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":887,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/financial/list","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/financial/list HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 16\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":16,"data":"{\"classify\":\"1\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"cf0-6MLowCN8n1JINZFvWtpt+z7brJ0\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zjUWYIlP9O%2F8V%2F0EAqGQYwvsfVF440ZY38xMnghqfS5Z12WPM4GZMgwEayxd%2BkVEkqSj2Z0cJecqol9KOoRF13QRIIINs6mMMWrUTGxJMUizZU8VuSIL71JyuPYmpvc%2FCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe57607850568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3312,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a2f467eacb982490dac69903a57f1e74","sha1":"e8c2e8c0237c9f524835916f5ada6dfb3edbac9d","sha256":"48e72970736a13686c7a0f2293dee6d3b96d5779a712daec493cda09581f72a0","sha512":"8602ec010ba468d77f4c96446f802378b98382aba60604549b3d0fab413313ff54cf076ecd60f1160d7a519fde97687f1d1307b067203ed323fc1e3adc254800","ssdeep":"","tlshash":"8b61bef90436c8e5e3f630d14feb4460fcaa71e578e490a596dddf55c2489e6700980b","first_seen":"2026-04-21T18:10:22.451129Z","last_seen":"2026-04-21T18:12:11.720872Z","times_seen":2,"resource_available":false,"data":null}},"time_used":933,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":932,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Register-7dbCJJN--cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/Register-7dbCJJN--cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GMTePBVtlZQhvh22CXMzW%2B5mk8Fx0sVsHRzuYCLucTXG41J02tHvQSIUUMwGKpZkMxyKQz1bKc3%2BhKXNu93VOHpaDA%2F5fVg7tVTnRvfpJWkM0aJeAqOS5mKbkG9s4WWibg%3D%3D\"}]}\r\netag: W/\"69e18d5c-486b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783fe22568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18539,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18529)","md5":"6741c2f59aafca7f3a43b0c26e34f520","sha1":"9c798de5e173ca92003b0833981532b46921e015","sha256":"e895fe8b07aaa1fcf11d2ddc11b56078b0a982566de2b2cc52500727e7344128","sha512":"7174a0084e5c896eb3827fe89fe74bfa5f9b26a83b1cef065bc3615d7ea0dfaefd522f5c9e96c07c6e823afb3c42b65bef37e1eaffb1869567d9d7fd831a5f51","ssdeep":"384:GhN6umz4k7mm+rwmee5dk5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792C:GhNpmMk7aF5i5s5TUZ5pyVjnjXYn0D9V","tlshash":"7782778cb1519bfaab7b9430f4476930682c4f5fc463c4f6e6e88c35a79ec71a51423a","first_seen":"2026-04-21T18:10:22.452276Z","last_seen":"2026-04-21T18:12:11.744808Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1169,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Register-7dbCJJN--cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/Register-7dbCJJN--cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BfNw1S88BLm8m%2FY4TxrBvMlLNi17EEzwx3d%2B8OjmuOkaD80I%2B5zI72EC6ibe8Po6WJQFvKFJuHRJ%2BeJR16pIWQAGw8deAqx1968ZyJZGC%2FDk2i4X3w7MivbhhXJCWnw0DA%3D%3D\"}]}\r\netag: W/\"69e18d5c-486b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5785f8a3568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18539,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18529)","md5":"6741c2f59aafca7f3a43b0c26e34f520","sha1":"9c798de5e173ca92003b0833981532b46921e015","sha256":"e895fe8b07aaa1fcf11d2ddc11b56078b0a982566de2b2cc52500727e7344128","sha512":"7174a0084e5c896eb3827fe89fe74bfa5f9b26a83b1cef065bc3615d7ea0dfaefd522f5c9e96c07c6e823afb3c42b65bef37e1eaffb1869567d9d7fd831a5f51","ssdeep":"384:GhN6umz4k7mm+rwmee5dk5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792C:GhNpmMk7aF5i5s5TUZ5pyVjnjXYn0D9V","tlshash":"7782778cb1519bfaab7b9430f4476930682c4f5fc463c4f6e6e88c35a79ec71a51423a","first_seen":"2026-04-21T18:10:22.452276Z","last_seen":"2026-04-21T18:12:11.744808Z","times_seen":2,"resource_available":true,"data":null}},"time_used":856,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":841,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/account-mymDt-Yy-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/account-mymDt-Yy-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qQaevy5UuifPtIbs3OLweXZkxhgRFUFADMmHw%2B2NdNtSvi%2FW9ZiriBQeqXUSdBNe7Sym1SS4ULofX8eBG9bsAh36yc6rIa3NbLy6%2FfOclEtolY7VTsJ9rfAVsQ6Tg%2BiedQ%3D%3D\"}]}\r\netag: W/\"69e18d5c-45b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe576ca955568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1115,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1114)","md5":"a24fcda6cdb7b06e548b09b36778ea7a","sha1":"291cb3499aafdd945e368b7cbd2a46c6de4997c8","sha256":"9ec07483aa9c14b3a75d0de21b0c2df3c35bc8866a7414d58d6165e691a8e641","sha512":"96152659684151faba8e81166f6681bdbc0e9aec8b3dd778c05c342496212adf9843ffd0bd3a501d779ebf67fef630dd172ad37f3ac4adec2f10c5501d7824ca","ssdeep":"","tlshash":"0621048a8e4a52b7fbb0be1260d02e03c00b6fb5aeb244b2b06d957351bd045ca2db15","first_seen":"2026-04-21T18:10:22.453373Z","last_seen":"2026-04-21T18:12:11.749555Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/dataModify-C6sk-dj3-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9X1gsuU%2BE6fE7gucU5gy6SRgPukkpTzPBJWo1L%2FbCW50UfACLehILKGytjVgg4G5UM7Av0fq1c9on%2BlhXVT4bd1oy%2FJzZuihAFEg1yASHRnO5D8eXMrPdv16HXrS4a%2BDrQ%3D%3D\"}]}\r\netag: W/\"69e18d5c-27b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57604fec568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-04-21T18:21:48.769331Z","times_seen":32,"resource_available":true,"data":null}},"time_used":875,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":874,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/PdfViewer-D79El9Xj-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/PdfViewer-D79El9Xj-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OLgf59uAeeWJqSP11CXxrvP4BwldJRlICwsTxbRgX6e7t3eMDnhAXN59QzFpdZ%2F7m%2FmUY6pXbvJndMp5WdHNJZ5lfGKT4vxYdMPo%2Fn84tnum73r3WzZ6VsAVpEeSRIXFHA%3D%3D\"}]}\r\netag: W/\"69e18d5c-219cc5\"\r\ncontent-encoding: br\r\ncf-ray: 9efe576ca960568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2202821,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"9dceb14a07ed91d98776e06bf64d91ea","sha1":"60e5d72d4c1d459d051ab7a5d8c4665b3fa75ff6","sha256":"16a52f914b634031f7b4f1a97caa256182ab9e072034b6a354e3541c9827b1d7","sha512":"751c6552dd822e8077e324a5de59d2a5b44b3e373e5bc776404ca01fd8d9ae0f73f1bb84833d1905ca9de3dec3c15ac4b5d34420efeb4781526bf157270690ee","ssdeep":"12288:HZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbd:HkpMfCJkPXXq8RqbOt7aFMzC","tlshash":"a1258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-04-21T18:10:22.408492Z","last_seen":"2026-04-21T18:12:11.759792Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1004,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":990,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Frame%201-BB-vAyLS.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Frame%201-BB-vAyLS.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 4996\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:22 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937e-1384\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kMQfbAaikUNTMX6bMcn6JSODhevf0T3pia%2FlN7aLihwH6cGbLXCSmx7BmixJaKsy02avKHAolgWQEMfhItegPxjLS%2BznWgT%2B9lEXfgtYLD9sLfyLYl7b5T8rTEXuUxSKfw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774fc53568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4996,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"adc6a06c56ada71180d5f6aaaef2682c","sha1":"11752acaf2f9bafd7a0187cd635a299c300ec55e","sha256":"615b199dfbd53bdf6eed13bdbad7e1bc63c9d6b47b5b3941f941b83dc671390e","sha512":"766a04843d059ddfbf1e13d3b5fb00aaa98551e7db75dd84822a33ec3f3194246bc22ca8cf92a9e32f8c055670223d16014b146fc1b8344338d1941879c8b1cd","ssdeep":"96:8OSV/Ycg/JRPrmxexk/17o8HtfKyk4EW+DSSxyyd+WZe3pZ4ftOv3SG:8OSVQcgxRzO441o8NfKlbWUxprQ3pUtQ","tlshash":"31a16dc057e402f8536010362bd174af8997fced76372e8db098e37d22585a5909ecb9","first_seen":"2025-08-26T17:46:37.234646Z","last_seen":"2026-04-21T18:21:48.826903Z","times_seen":50,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/TradeLayout-DtwBVIFP-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:49.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/TradeLayout-DtwBVIFP-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d1GxGydDDxm8xgi6wCMeXpROV%2FnpBLuUmWjbfm%2FBiLQ%2F8zeSMWyQJjUsYwCmjmnMgAM6vnxBY%2Bj5skor5i%2BCz0tffkyNVpt09WbUOL3Gw7GWuYRgUjbDqwLwZBNvQtQR4Q%3D%3D\"}]}\r\netag: W/\"69e18d5c-654e2\"\r\ncontent-encoding: br\r\ncf-ray: 9efe578baeb0568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":414946,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48010)","md5":"e7ea7fb68cef2589fe4ed680e91d1298","sha1":"89a670b4c3169dd12f55b9f44ba94a867fb0d2ff","sha256":"e4ef84016867668a7831b978d64a571f8d51ba0677bcf7a34a7bd3976805ee9b","sha512":"7594824cdfdee3ea730a90ae7836ab2ff7328fd366a28216fa4472c226a8a866487e6dbc743319e68de6ccc1c3e8c087b94ccc1cc39f81c895ed282ef1e0a59f","ssdeep":"12288:G37MnWzG2+iFeq6Zz6uSx6c92e1sD5skF4:GrMnWzG2+iFeq6Zz6uSx6c9c3m","tlshash":"1d94e580b162e53993f391b5107a0401e3197f89b40685adf27dccd73eaad9a71baf34","first_seen":"2026-04-21T18:10:22.454661Z","last_seen":"2026-04-21T18:12:11.792307Z","times_seen":2,"resource_available":true,"data":null}},"time_used":374,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":366,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-BPcXN58c-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:50.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-BPcXN58c-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FBLBdPreB%2B7UuIv6z58NI6z%2BAS7P%2BjTo%2BidQdWF7FL6UOiLgCRgrSYlMQ07U%2FynPYD77khrN3jLwGbTtSb72ksNq0TSpfgQ5JePjr%2B2HWLBAwnNUrKRdXXVxSEXgdRe0Kg%3D%3D\"}]}\r\netag: W/\"69e18d5c-a0a3\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5792bfec568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41123,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (41121), with CRLF line terminators","md5":"9a86059f9465e8f1129530a4b7d12124","sha1":"50f3b5ae067ee54ab478aa06a55972d8bbef11b3","sha256":"a91d45d3b83c37e06ccdb75b0eb628d7ba6f1e47bde6cb086a052360deeaa33f","sha512":"147c575bd256035010eaffabfff90cfe25e7f595bb65b2e6e9a32305985af05cdb7968b1c22cba6c20392eedf52bea0e2ec0780f75cc417c09474bb54e3f345b","ssdeep":"768:2ievlM82K8nfNtfWeg8s2qlLlWYuG13tfhlgbXXh4FgXG1aj:kdM82dPsH9YV","tlshash":"ea03842cb012cfbed663293062ad1994e1497fe9c526c80af1bd18233bc7ff05a56765","first_seen":"2026-04-21T18:10:22.455515Z","last_seen":"2026-04-21T18:12:11.722195Z","times_seen":2,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/account-mymDt-Yy-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/account-mymDt-Yy-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ny6dDV3NwYIthOdvSJoYFJdTNfQX7BEMKm%2Fa%2BcVXe9L6cMqHSF2ZVvIWy1KRtckkCOUNc%2Bgh245zuqm6uQiPCApqg%2B53MZH63EqIXaw6dFAQw5iMT09mmpOirw9p0prOHw%3D%3D\"}]}\r\netag: W/\"69e18d5c-45b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57604ff9568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1115,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1114)","md5":"a24fcda6cdb7b06e548b09b36778ea7a","sha1":"291cb3499aafdd945e368b7cbd2a46c6de4997c8","sha256":"9ec07483aa9c14b3a75d0de21b0c2df3c35bc8866a7414d58d6165e691a8e641","sha512":"96152659684151faba8e81166f6681bdbc0e9aec8b3dd778c05c342496212adf9843ffd0bd3a501d779ebf67fef630dd172ad37f3ac4adec2f10c5501d7824ca","ssdeep":"","tlshash":"0621048a8e4a52b7fbb0be1260d02e03c00b6fb5aeb244b2b06d957351bd045ca2db15","first_seen":"2026-04-21T18:10:22.453373Z","last_seen":"2026-04-21T18:12:11.749555Z","times_seen":2,"resource_available":true,"data":null}},"time_used":886,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":886,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Frame%202-5VaDbG1-.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Frame%202-5VaDbG1-.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 5718\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:23 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937f-1656\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dze2otOLWJAkiODVD3nGR%2BNBdUIAPhbNAX1%2FVEhhhDy11HRwuncXPcFzugEWpuj%2Bnp759q1ezgSZIYcuh0rKOsczpypsOV3gFsQS67I2G3rm%2FUfwHFY%2B2ZU%2BMKrsyvA1vg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774fc57568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5718,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"5f758e18ae5e7982ead7774e8a97ef13","sha1":"a304ce7a8d6956e37c1ea3d82f6f973eb8233e90","sha256":"d2655ed85d2e3cf091024f70ce46667738e6b870ad988c9a5f8b12b0d0313951","sha512":"b3fbe74ead16f03b6546cf946a1618a78bbb6e55cc45f88c75373d12ad1de1ee4175b3657e90db6157edbee31e568f92c55f851db5cd548b8b1e79d28ea1440d","ssdeep":"96:4Sg5i+RYQPkBi5/bYtii54JP9UN/z+VVyxhSxlUXIiHDo+/aAX3+v5f9C+zEJ/Ot:4SAGxBc/vrGN/m+Sxa4Ao1A+Bf8tGl3t","tlshash":"39c19f8863f4c66000a04169a9d1c3af560cf5df01edbf947045a1d518eced6ee26efb","first_seen":"2025-08-26T17:46:37.251652Z","last_seen":"2026-04-21T18:21:48.832719Z","times_seen":50,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":865,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/uploads/aiinvest-logo.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:46.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /uploads/aiinvest-logo.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 4782\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 17 Apr 2026 01:45:40 GMT\r\netag: W/\"12ae-19d991d7f5a\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=phT2oIX8XaT%2FCRzs8aMu5PgGfwzQu9G4yuXVWluHeYpDqPPxRI5PLTf8OsqzRGAtr00lYLFJ9pqXgPxuT5xyz8ww3mWMozC%2F3ACuGTXAY5iD5exch1%2Fv7fU0UF6mHR5okA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5776cec1568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"9b3b62a4c46e1dc2286c735a3a2410f8","sha1":"db9b6441a3e110d34631bf1f1306129201a677c2","sha256":"0bbec2a12f871907035ab243cccd9965661911990f55b5c56eb0f36666cc44de","sha512":"9dead447d08a4b053cf3220a491ae98bc5645ce6aa9d53e71a1521b7c6db1d87370c1f425849599e90ca23ffc8737ce7498b0ad5f7003203e5b2587213090351","ssdeep":"96:7sgbhbf0jcGgNNtt54Sp/uLN4wZHI9NLrZLH1q8lP6zQE8tkGAwJ6VMoPC:XbpMYN/0Sp/uL3o9NfZDjlPgEUwJ6VMD","tlshash":"5da14b369674ee617dc2623dba89cfa3aae7da4087d48593c494fb8f0928e021461e51","first_seen":"2026-04-21T18:10:22.438912Z","last_seen":"2026-04-21T18:12:11.746538Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1185,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-BPcXN58c-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-BPcXN58c-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1A0KvtRzHeckQG%2FFc6mOTsy81PuezMZ%2FP7%2Btx8NgCatT7dZ%2FQjBJt1QL%2B2zPDgomP5IlVqBLUcNnXPza6YgmKfbJn0AOTMlopVUfNgeq1ipQz43zbuOLibkXMRZCLuKZDg%3D%3D\"}]}\r\netag: W/\"69e18d5c-a0a3\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e57568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41123,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (41121), with CRLF line terminators","md5":"9a86059f9465e8f1129530a4b7d12124","sha1":"50f3b5ae067ee54ab478aa06a55972d8bbef11b3","sha256":"a91d45d3b83c37e06ccdb75b0eb628d7ba6f1e47bde6cb086a052360deeaa33f","sha512":"147c575bd256035010eaffabfff90cfe25e7f595bb65b2e6e9a32305985af05cdb7968b1c22cba6c20392eedf52bea0e2ec0780f75cc417c09474bb54e3f345b","ssdeep":"768:2ievlM82K8nfNtfWeg8s2qlLlWYuG13tfhlgbXXh4FgXG1aj:kdM82dPsH9YV","tlshash":"ea03842cb012cfbed663293062ad1994e1497fe9c526c80af1bd18233bc7ff05a56765","first_seen":"2026-04-21T18:10:22.455515Z","last_seen":"2026-04-21T18:12:11.722195Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1157,"receive":166,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-BvE5h4Y2-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:39.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-BvE5h4Y2-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:40 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2IVbbRtLxmi79%2Fj5HqB8RKr1XG%2Bk%2Bj7Ddxl2POeK4S5i0dt15QRn79McpTt4kmbbddV7TrNHF%2BLknLd4J8VIkfAYmtEpPltVO71oZS6a4OLoN6h32JCRzrJI%2FWOvdArHww%3D%3D\"}]}\r\netag: W/\"69e18d5c-1d677d\"\r\ncontent-encoding: br\r\ncf-ray: 9efe574b1c7e568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1927037,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33325)","md5":"9644607a751765ec1691f2c810b13cb6","sha1":"285840a723aa05e62480d2f1e1f44db678ccab78","sha256":"6764d4f4c44f0e6ec828a3b3d1c1b38e2fc920a2467c1e712cf0c953fb7afc39","sha512":"7f429009b027405b9a6dc2a8c5a28a2f24cc3bd30de1fc9c6d8865a5c228b4196bf56c1d65361da55ab98caf7a3fa6ba5d92ceaf3b6a7f4bbbcf799a7e428415","ssdeep":"24576:90t9UzEet33btbdNd1Wkqn8grE3fHjDejTWlGOv9xk:90t9UzEet33btbdNv92Q3fHjDejTWllI","tlshash":"2d255cd8b682f06107e755e540bb0006f3397e157449c0e4f6a999eb39a9e9ca273f3c","first_seen":"2026-04-21T18:10:22.457796Z","last_seen":"2026-04-21T18:12:11.747327Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2961,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1172,"receive":1789,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/icons/bnb.svg?v=20260409-assetsfix2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /icons/bnb.svg?v=20260409-assetsfix2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 09 Apr 2026 12:42:12 GMT\r\netag: W/\"1f9-19d7243b0a0\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IWYdqhcHLV9dxQbHGzbljUGJAzNGhSuYbqx3je5OKsXDRCj%2BizNH8meojCqKaE1D%2BlOtMxj4pwZY3VRDZqvRvLNoelXIQYXelhznu%2B3rGhnDopgMntaTLCnc2ERdrerU3w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5774bbf6568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":505,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2626df36e7822f2ca4b9cef986fa3c12","sha1":"0735b15f9f11df0dd5ef41218184fe3b5304977a","sha256":"ce2befc91baa544c13b63d6c02a12cfcf84702a5ec29b650e358a8b4a96c4ce8","sha512":"73b7c52d38d25635c157ba5eb8f11206442d1164f1ca7df3501d086a40c0a40f492bf18a9e3ed8a3f0a891b3d3da8dbfc8f1152114b1d6f5b323a3f111dd3b7c","ssdeep":"","tlshash":"1ef059d888247e10ce062d58ef3ffc2304573425094a7de2e25a9b16fd589ddf885e14","first_seen":"2024-08-19T21:48:13.537326Z","last_seen":"2026-04-21T18:12:11.708344Z","times_seen":150,"resource_available":false,"data":null}},"time_used":874,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":874,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/kline","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 53\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":53,"data":"{\"symbol\":\"SOLUSDT\",\"interval\":\"ONE_HOUR\",\"limit\":50}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"1710-LtIRmSH6O1+8z23QuBS+kL0wdHI\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Oko7ZEKilXANQPnvI22ShYCoj4lKlDjjf7GhEFY4W8J3yCGSeKi991gabWqnIx72zQxm%2BAZosAj3UoGtdYvqLGvGswhyu8AJDk0K0iLaOLmUFT%2FtMdE0TvkxbLjGu7CNw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775dd79568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":5904,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a0f1475d823b3522ddf6161c67ac7a10","sha1":"2ed2119921fa3b5fbccf6dd0b814be90bd307472","sha256":"4007f78e5b51c290b8d4be0d9ba184f5f751e551f33cac149a879ffa451b2acb","sha512":"b504abffd9970db6a32940cc3ead5d791571c0385adb453094724eed047267d5f9ab31db30ce8d36f21230b11cfab479b46677bef0c38b75131866fb0fcdc48e","ssdeep":"96:BIiT0jZqf5U2OHCFfOOfwdq1K6dVtFVTK2AfsTCSNk9:BIiE0fy2UCFfOOfwdq1fXtvTK2PTHA","tlshash":"b4c13c264e98d058e9f3adb22bd3bd90551fb0a79ece0c4d0399aa014df453096ec3f2","first_seen":"2026-04-21T18:10:22.459229Z","last_seen":"2026-04-21T18:10:22.459229Z","times_seen":1,"resource_available":false,"data":null}},"time_used":932,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":932,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/CookieConsent-BKtXZsW6.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/CookieConsent-BKtXZsW6.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z%2BYmMy4Lu7KFXrYkCXZaIpsCsAiHmsASUFGprvpuu8u5rK8qkxBB%2BoqjEBwYad3NbivkfojZ9Ky4zaskRiHmk1ijqEDnApna0fVZ5LvdgyWP352lQghYlyOotlHK1wVWJg%3D%3D\"}]}\r\netag: W/\"69e18d5c-1939\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57603fdc568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6456)","md5":"1149d91279806327d1cf129fb88561e4","sha1":"64a0d38ab7c0b5dcc85255064a404c5faea0e413","sha256":"ead0cb6d3b9cb7c7ba752b1a20cfe31c362fb850dff7077d0a6bb1c1229bbb73","sha512":"a32f4aa95f8b53e74371a2cf0c459b2959b0a017734332ab04a2bb0cbbd974d3c1e9963ef7e9cef2dec986510b4f0188c7aacd045b40e793c567e28686a7802d","ssdeep":"96:UMwlRU4q7ekoIlbffKu28Y6NRyuHwwlUxiun10aWNPG987:lMpq7eJOffhLYP2WxDhFK7","tlshash":"81d1ff717688b01db13fd87561e12b9c3228e207d7325ab8964bb57c89e72873336bc4","first_seen":"2025-11-30T14:17:39.787592Z","last_seen":"2026-04-21T18:21:48.776114Z","times_seen":33,"resource_available":false,"data":null}},"time_used":881,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":881,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/PdfViewer-B45GQKhL.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/PdfViewer-B45GQKhL.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ien%2By%2Fz0apG0EexmDAQTmaMbcy7z3yU9SVjv%2BKiwHcMPefXPuhuZGJZmI%2Fr8gGhfRXxvZwD7m83ailFY8TQyvcABBqj%2BW5Kd9ggoxFlC83jEmSiIXcW2NcM%2FNwv%2FPfi14g%3D%3D\"}]}\r\netag: W/\"69e18d5c-ac\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57603fe0568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":172,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a07280d8c4487f94b1962d8eb4c60c95","sha1":"73584fe1844801f9c25e94ccc9dff3b20346c2fb","sha256":"cd0180dd43cdd6e4f0be1f78d4764975fd0abd9566ccf9210d4404d8e876ac98","sha512":"1b03fbfdad670899cdcf22896978f04a52fb6bbc48af9f0a6400182b7e30cbdd7d340bf4b3a082f824232134c66e891e39bcf834b4e760522d5988442d0b43b0","ssdeep":"","tlshash":"9dc04c23f185949d04125064159236fcdb3da50a634e1cf14b56f3766abd3c765364d1","first_seen":"2025-08-26T17:46:37.291739Z","last_seen":"2026-04-21T18:21:48.816692Z","times_seen":36,"resource_available":false,"data":null}},"time_used":879,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":878,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/icons/doge.svg?v=20260409-assetsfix2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /icons/doge.svg?v=20260409-assetsfix2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 09 Apr 2026 12:42:19 GMT\r\netag: W/\"2e2-19d7243cbf8\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Zbn51NNXcs5ng%2BW6sudSniihk73AFaMK2zkxYukDc8ghtYMWj%2FgJOFNDFpteo%2FKPoAQ%2BA8P8jsHvhLmgY6WEKXKKFnSZBWgGmHBKQAAbJLu7skHOizKDiVQvzTB6mYkMw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5774cc16568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":738,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7f63ff3991035fa33ea36c34360fca8d","sha1":"572803b168b53512b4b16c480ef42a37efb3d3e6","sha256":"bad8366eea35df4e3185ba24aeaedf4b5ab702d1bb959de47085fb762916d16f","sha512":"2074ae0a5778ce23fa2a3b429b90cde646859b811f991007d81cca0a992fa6a9ffdc844488a2e052e8fb21299a7bbef0e337011c303626ce3078daf98c60b494","ssdeep":"","tlshash":"f60125d79e28e5cc0cef4934bf773088161b7b9f910a49e2518d4e09f4821d8e402e50","first_seen":"2025-05-18T01:44:37.295907Z","last_seen":"2026-04-21T18:12:11.765469Z","times_seen":111,"resource_available":false,"data":null}},"time_used":882,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":882,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/cap02-DD81pVdb.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/cap02-DD81pVdb.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 9330\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:20 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937c-2472\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5gD%2BzcOeXjKJFf%2BfFo9d3DVOdQCZ3BTzp3L2ZX2pY3%2F6GRhWopuhHJpRNlAs015Rid%2BL%2BQD%2FWIwaNltWjMBJrbOukW3gAqvLZ%2Feqj9i%2B5lS%2BRlZGa5JjnZ8hqoW1%2FRyLQg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774ec3f568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 132 x 133, 8-bit/color RGBA, non-interlaced","md5":"4ab1cf3ece753d1eb82627035c469652","sha1":"8fd4288260a2672c70428ee600390022604c5a42","sha256":"63b00e3bd41d39461d47872b23ee4a6a5a12f68cff29ce474bd400ac8c4498ff","sha512":"3c0ebdcbdf510c654de8780e0425b90c0fbce8f7c65894b7d4432b4f416dc66b26fa5b9c4c121313a10e6b736e9fde8b157bde0aca60077286dd35266de5fa7b","ssdeep":"192:RRHaX36Byum2m1yWAGebDn3stnesP3Mpb6l5tjp2GSb2lS/9HPIIu:RoGyHX1yWTWn8tne6cF6jtjzSb2lSNId","tlshash":"ee12bfc349926778264916dcb738e5807731a8920783c38ce4b5b528b1fed8c4e63f5c","first_seen":"2025-08-26T17:46:37.28042Z","last_seen":"2026-04-21T18:21:48.824193Z","times_seen":38,"resource_available":false,"data":null}},"time_used":878,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":877,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/SetFundForm.vue_vue_type_script_setup_true_lang-Dn0EOhbI-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-Dn0EOhbI-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r2HYkJCS9p%2FjO0KyGmM20bMdcXrNBqxqOp0TpQPRCBUv5EBDyTult%2F75Cp5dmj%2Fd7IP5Oqoif8jJZeu%2FdXw5ruRM9DSfGkbarhVekpDTRoQkWsywmnwciSSQ8vfOzRjRfA%3D%3D\"}]}\r\netag: W/\"69e18d5c-a7c\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e5e568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2684,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2683)","md5":"d22408cb99eb86354a01fd37d613655d","sha1":"b7c2b91d25171761f35bdf8b172e96d7912b9fac","sha256":"dad9ea74f8a32cddf8db432571645e7d6e1d614939b533dae8ff82e5728a4e9e","sha512":"de7a08c0b5f71956f3e5f7bc9bcaa0f761a1c0853132dca01ff5fb08d872d3334d8e514387f196c1cd16bf1e38a62b211913b244bb4b0d3916796ccedb4b3101","ssdeep":"","tlshash":"ba51430d24b2ceff2ac3a238224e6164e0c87fcfd7309759b67d417226c99f52619a55","first_seen":"2026-04-21T18:10:22.426489Z","last_seen":"2026-04-21T18:12:11.70249Z","times_seen":2,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/bg_1-BEkGORMz.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/bg_1-BEkGORMz.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aiinvest-tw.co/assets/Footer-kqO8xzJ8.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 111079\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:20 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937c-1b1e7\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6bwh3qM7VCRzolEsSrZe0h44GcNdOK%2FYFzjvlD2DIsw88aIVGaszGiepRH0sxUXtQVGIasJAdvDInQcGsZlyfpDXVvl9Bzg3CYZHtfzwSfS7jTZ18MBpSYTbQSVG6UCIQw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57759d1c568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":111079,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 223, 8-bit/color RGBA, non-interlaced","md5":"2667011e3e80bffc8f53b439e07ed571","sha1":"95f1f9ca0d80b2a0d88b15e41ff4c0804eecbd86","sha256":"71512d4d03b324477cbaa139206155fb48617658908eb7309b2abcf7691c9258","sha512":"d3038c24866b6edacd3c1e24f83285f7a03cb14a00552290d650042c6977ada5c6ecd88e9cfb85ec027398e450aa6b1718837198f2dd070d886049d31ff041b8","ssdeep":"1536:ZeZbH5ZJim+F0K+MQpgatMdAt8SgQh4LDyOBhOHQSTUFN4DoY84bAGB8d8Zf3p75:4Zb/JipFP+btwP4uFwQpksCBhpwvIqYJ","tlshash":"8ab31284374f43b9c666bc2d4c0fb950b7a68125b124ce84dff78417716aa3e8f89e61","first_seen":"2025-08-26T17:46:37.222479Z","last_seen":"2026-04-21T18:21:48.802436Z","times_seen":50,"resource_available":false,"data":null}},"time_used":1738,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1145,"receive":593,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/filters-CVVMcBXU-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/filters-CVVMcBXU-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5u7XMjHIpToJDXBandiIHn%2BmKohN8497wO%2BmcwpZuQEiSIrHHIYNfi17PKH64h1Wpx%2BPiIKorCi7Z9%2BatNKmgyaNZgwr6y5trAOuGeVnfcD4CbSq6O3YoUeAs5dE3m%2BWUg%3D%3D\"}]}\r\netag: W/\"69e18d5c-421\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e5c568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1057,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1056)","md5":"959f10848aa622ea30be381c5a450482","sha1":"92f36636b5bd6a081e17f282a739faacd4ff12fd","sha256":"7ca9403b3059b7a30b08bf2b54e1bb78b22146ce1334b25481f904efee320cf5","sha512":"e5d43811510e475b63c3aabc470ff631b8bfb3d00c9453f4f8bdfb8e4ec292e814ce16609b6ccb19602fbffd877dd75c298f42bee60e8049640ca00124ca71c4","ssdeep":"","tlshash":"1f118ba995c6c67b02fb88c9514e418768e87f78b00e4b62b974f1123561091f4be393","first_seen":"2026-04-21T18:10:22.447587Z","last_seen":"2026-04-21T18:12:11.751735Z","times_seen":2,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/loan-RS8PKRPW-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:50.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/loan-RS8PKRPW-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4IZpmKVjixlr1w%2BMrylVHnuA%2Fnmv1enZgXPTdIkI53Al2SL6%2BoBvLt6OxmUAaVUGhHrZEHU1xr%2BZz6kFSmitKVbBfwi1p%2FXUG7W42q1ueKNUW2pGLcBzN5WiGIXfzJlP9g%3D%3D\"}]}\r\netag: W/\"69e18d5c-24f\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5792bff4568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":591,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (590)","md5":"b07e5624d6c3e7957e21d7809e702ccc","sha1":"0295aeea63db4516de56f65a16d18410e6f54971","sha256":"a98840509eb0fa5c2cc36e4d3bbd8a014c3e3e693be655acbaf1ea89b7a58d73","sha512":"480ab9135b355364ec7559c3eb52a727c1ce85d978b9fe40e6ba9df275749001835b199aa42f9b9cd4db80a457dd18a479073dba649755a1ba75172b516e3419","ssdeep":"","tlshash":"6ff0c8dabd079a7f9135d22930923d02b43b9a31def614702f2ad4678b2c089675a941","first_seen":"2026-04-21T18:10:22.445281Z","last_seen":"2026-04-21T18:12:11.758574Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Login-ojQMD-4G-cf20260409.js?v=20260409-nowallet2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/Login-ojQMD-4G-cf20260409.js?v=20260409-nowallet2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qoN0sQPR%2BXJD44fwu%2B7RKXLlOsf2TUtJZ3fkU6UzC7dE1Ap3WpfIxhzU7g8d%2B8MJ2Hr5U%2FHnxLtCaROF%2Bn%2FVubI%2BB12DQBX%2BGoaTH4mgqNCu6Kw2u1mUMLRGiqzWmLI94A%3D%3D\"}]}\r\netag: W/\"69e18d5c-7054\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783ddf5568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28756,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4840af77c0014b932ba5b29afbaf05d7","sha1":"7b15734fdabcebc69ce86b0c2da99b3200d80183","sha256":"4e61fe1f4bb3001345ba05bf680c1a3c5c0aff8d9f09837d821be85b3a45cc19","sha512":"6624b75f28d7a016571d4926983356cbd6a52655ff5094c83334a07b362de7fd92433588e1c972183f3a2864ade8fb88f64d84da9ec68c7e92f101cc79e72014","ssdeep":"384:AYBaOqAooej4pyYd4QEj8E68E5rSoPzUrC1VDHizY2e1btwA:kAs84KEIEzEj7aBeleA","tlshash":"9dd22284c1b52972c693b2396a1be92e7824465bccfafd4c7fdc461a1f0d02e967035e","first_seen":"2026-04-21T18:10:22.463616Z","last_seen":"2026-04-21T18:12:11.771321Z","times_seen":2,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Login-ojQMD-4G-cf20260409.js?v=20260409-nowallet2","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/Login-ojQMD-4G-cf20260409.js?v=20260409-nowallet2 HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P5Q0iLAObAfvDn26wSXDHvnFj8%2B09fnMDpKfCXNC0wLMZn3M5l3L5yTVI7XiNe6FY0e5xjzSVitzDmm7%2FpgUMtkk9fULgh6wTJLK78Ng2RRs%2Fmt28s%2FjhqLgSMdrhNgfjA%3D%3D\"}]}\r\netag: W/\"69e18d5c-7054\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5785f8a0568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28756,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4840af77c0014b932ba5b29afbaf05d7","sha1":"7b15734fdabcebc69ce86b0c2da99b3200d80183","sha256":"4e61fe1f4bb3001345ba05bf680c1a3c5c0aff8d9f09837d821be85b3a45cc19","sha512":"6624b75f28d7a016571d4926983356cbd6a52655ff5094c83334a07b362de7fd92433588e1c972183f3a2864ade8fb88f64d84da9ec68c7e92f101cc79e72014","ssdeep":"384:AYBaOqAooej4pyYd4QEj8E68E5rSoPzUrC1VDHizY2e1btwA:kAs84KEIEzEj7aBeleA","tlshash":"9dd22284c1b52972c693b2396a1be92e7824465bccfafd4c7fdc461a1f0d02e967035e","first_seen":"2026-04-21T18:10:22.463616Z","last_seen":"2026-04-21T18:12:11.771321Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-Cprivexq-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:43.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-Cprivexq-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7BOa%2Fswhkq2K%2FUZgzd%2BvQ4af1DxIEyFfaF5ojpe6XVIpDD%2B%2F7vs7j6pZa4q7XPtUrL9aocKaZKYFgcDc0wLXU9q3ED%2FkjWsnZRniT%2BFqIDV3lot9ib2%2BMYfA3l2WuS3TCw%3D%3D\"}]}\r\netag: W/\"69e18d5c-2a54e\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57663829568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":173390,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"cf823539278a9e16cdc7425568d7adc4","sha1":"4168c95da429a6d0ac5a9c3a49cdeab851d0a1b7","sha256":"23f62a9e69cbd2898abe28a6a9ee6415ed052cac3d40e4b3aba1c7ec6f2e50c7","sha512":"22a180997d3cfcd43a95aeedb470bf7d697f915e321b7361c67b8f32bdeebaa6f4b8a9b65cac8dc71cc72fdc3464146697e27080ba17e745072b1285c7a322ce","ssdeep":"1536:V9R8W1dTRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:HRhdjTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"de048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-04-21T18:10:22.440756Z","last_seen":"2026-04-21T18:12:11.74875Z","times_seen":2,"resource_available":true,"data":null}},"time_used":971,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":764,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/cssCalculate-G7yYGhEz-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/cssCalculate-G7yYGhEz-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IhucLErMFiKo2tnDijA%2FtfpeawR%2F2IKfZPcQ48KdZJKtkIfEIhZ05sAM47hu9SM3nSF0I3KxqNIyxMZQnywmPXWOpCrUOtWa0RlMpghfoEx7UlrtazNXduOqMYKjq4PYfg%3D%3D\"}]}\r\netag: W/\"69e18d5c-318\"\r\ncontent-encoding: br\r\ncf-ray: 9efe576c9945568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":792,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (791)","md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-04-21T18:21:48.811528Z","times_seen":35,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/crypto3-Bi713gOj.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/crypto3-Bi713gOj.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 45073\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:21 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937d-b011\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7adqBHgpG7TxIMy%2FdSwmDq%2BvR%2FMwmnNdPg%2Fj1fGO%2BE2tFhOs%2BkxxoQIxE8Fhb40DAhVGL1apnRT7cJNNfCWzcZU1gMswYxqZ2H1Oj498d2ndJbGZmGYYq2bXBRTQVuQjXw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5774dc35568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45073,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"7401918092026d21dd7dabc67295ef49","sha1":"53db5a70917874eaeed05b2e893bc51c3333fb5c","sha256":"5614ba3ba38256cc9cd354af165e23840713bd66181a33aa47b5746910dc45ae","sha512":"4875d2e3900f88a580d44720a02e6e934421dad709765ea34858f5a611c080febbe525fa52ee4f9d32fcb0a6e07bcd3e4243b43dfa2a737ca3f7659319bdb3a9","ssdeep":"768:lCCSfM5x3ifgWTfcVXTIae3k4NrUnRsK3rFh9WhT0v7zIf+B2ow:1SfM5kf/0VXle0OUnyK3gTPow","tlshash":"aa13021e41a4b5b23e0fbf571c29db00d3a7e7d58613da17c9d6855846050da31acefc","first_seen":"2025-08-26T17:46:37.219207Z","last_seen":"2026-04-21T18:21:48.819329Z","times_seen":53,"resource_available":false,"data":null}},"time_used":1352,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1169,"receive":183,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/index-bg2-DH3H8kTp.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/index-bg2-DH3H8kTp.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 267711\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:25 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69381-415bf\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wrgJhGwBn1g3qSEirwL7eMX6xT0x2UtZ71zbkIPGaJbpQOfLs8VgcfbS2Z7%2BkKbuVVoSqjepKyl9D3yUSChhEt5vK8xZfO64Cvm%2BspQN0Yc8hICjGITexbmjkDzd6Ki1Kg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57759d0f568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":267711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 734, 8-bit colormap, non-interlaced","md5":"4e2ceadc2a00a7055f2d30b675301f2a","sha1":"23544a569e9f2129980acabcdef51b8c225117dd","sha256":"0113b32c782902d3f6c16a832653c99172ac40d17a454ec621e4366ef56cc280","sha512":"3c70550b3a9821a4b962341fd0cf08bacdabfdebe7eaf65a77946211a78701d72c5a8e321e24bca94be9634c4af66deab691317d98709587f23b5efb556b3d5e","ssdeep":"6144:fHeZ8M1KxbmeW02HluhfdZ9de39D3Jly1ZBWIUL:fHeK9xTWVu5lul3JM1ZBWIUL","tlshash":"b344230c360554c3edf7d874b31cdbfadd9b3cbf249d8528a672a36a4aa502c15c99c0","first_seen":"2025-08-26T17:46:37.264725Z","last_seen":"2026-04-21T18:21:48.779701Z","times_seen":53,"resource_available":false,"data":null}},"time_used":2125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1168,"receive":957,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ab2a655a74f740efa2025401359375ca.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.253","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:46.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0ab2a655a74f740efa2025401359375ca.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 21 Apr 2026 18:09:47 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2527\r\nConnection: keep-alive\r\nx-oss-request-id: 69E7BD6BE613583836954450\r\nAccept-Ranges: bytes\r\nETag: \"9C5D020AEC325696D1D22476E7728DA4\"\r\nLast-Modified: Thu, 03 Oct 2024 06:55:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17182148815916858481\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nF0CCuwyVpbR0iR253KNpA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 136, 8-bit colormap, non-interlaced","md5":"9c5d020aec325696d1d22476e7728da4","sha1":"e9ff2cdf5160142a77c449947e659627d7ee0a6e","sha256":"3fc4675d2a41c72bc9dd1c9568b0104320bc66b77a69ad6ced74fcfbf1e1d933","sha512":"a932dd67813eeebb6a1393473906fdfcb5cdda3e9428a111476983bdadf8e37f6b6a03773cb3ae4a9bba26b165697a59bf4fa86c9fc42c256246290bc397f665","ssdeep":"","tlshash":"a9514c978961de1fb26822d2c1c1b142acaafe4f117debbd90d4012ebf5c612911df4d","first_seen":"2025-08-26T17:46:37.24324Z","last_seen":"2026-04-21T18:21:48.822883Z","times_seen":35,"resource_available":false,"data":null}},"time_used":2075,"timings":{"blocked":890,"dns":40,"connect":281,"send":0,"wait":293,"receive":1,"ssl":567},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/CreateOrderModal-De4MFw1c.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/CreateOrderModal-De4MFw1c.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WoPQInrVZVBztWnwwJJUDWp0yWeTPvjb6LMF%2BHBbGPIK5lWdFmSeW%2FCy5zcOBADBgwargr2a%2BtD4mvu1zil9BrOPQ2Eaal6Ra0vWhWGaMTOs5EUhHjza3wOtkcrjfQ2LZw%3D%3D\"}]}\r\netag: W/\"69e18d5c-380\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783fe3d568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":896,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (895)","md5":"cbd343f17246767930d7cdc3a31afc75","sha1":"53f07e27207566ac0bff5087541d29ae88dbf93f","sha256":"50a406ccd97ba1abd8bb250ed95633f2aa6335867512902988da8148ec9a8544","sha512":"e90f43111a41600d98e32838e6f26b63835956482970cf9a0e3e05c3110a5055883c9be8c00d7adee72d237f900fa332beffac4a3b6e420a6a010b1a558a7036","ssdeep":"","tlshash":"0911365b7088a73f5c3bdba000a6a01e1262ff5b8c2113d50aea5193c99fee76512244","first_seen":"2026-01-30T06:58:07.103163Z","last_seen":"2026-04-21T18:21:48.805896Z","times_seen":32,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/index-Dw5PEkk4.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/index-Dw5PEkk4.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nw3b%2BLuYRoe1Im9rt0K7iFGnRzli1WJM%2FJWhU4edaP44Oe%2BzsTi1jgSCl85IFhGLdCxvXK7LoOXecfOm7n%2BVANJwkDyqBmg1ZKU64pWSyI3lfuJyvjt73VHUmhq46ZfkxQ%3D%3D\"}]}\r\netag: W/\"69e18d5c-b4b\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783fe45568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2891,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2890)","md5":"94e2ec6ec70ebd8a005a7b1188259b86","sha1":"8b817794728faac8e57c3c63a8bd3654807df0c3","sha256":"84a2697cd0feef5457466aa409dcc7bdccba25b3f1f8b68be01ad52d7bb6c61f","sha512":"0def549cb7962bf4cb626f9ec50be090f7f19ba35827828c0e39bc2d1be62d60d16aae8840f688a5e926e5a295a60650f0fa61d936cc0acae2ec5deee0fa5d2f","ssdeep":"","tlshash":"53517530a86952779f77e25091e4470ce92d72c3db5627bd7bad12141bcfbe82ca6404","first_seen":"2026-01-30T06:58:07.037128Z","last_seen":"2026-04-21T18:21:48.815497Z","times_seen":32,"resource_available":false,"data":null}},"time_used":870,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":870,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/CreateOrderModal-rfpUCXt_-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:50.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/CreateOrderModal-rfpUCXt_-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kGlhgnuu2dX%2FKqVWKAa8QCANQL%2FAOw2RfnIcjX9T94PJpgX97gmcalFjBhAQh1bV%2BO1s%2B%2BcfnpUPD9P92LmqJfMAOTnzKIXLIyBNVFvn4vvArYj0ds93F6i4WHVf5jRvUw%3D%3D\"}]}\r\netag: W/\"69e18d5c-3fb1\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5792bfe9568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16305,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16304)","md5":"00bdfd5ef9cd95c749ed97fcd7835e12","sha1":"a934584e575247c493f7dff7c4872fef145632ea","sha256":"2c2849795733a3850f5425c4e8770d0d02a495d6fbbb1d56134a26761a16cc3d","sha512":"336925a1d1a8f73fc5336b7b7bd84c1de22d8282ac103371f3a93a312f8d1f2432c2c43b685efc6d28dffe45067abbfd083ddd7ed4e8f08eb1924750d3b6d487","ssdeep":"384:a5lMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:a3MuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"3672c93c70d0c9be9473d276a2cd68284048bfcfc6625bcef63da66415d9cb15b25a2c","first_seen":"2026-04-21T18:10:22.395882Z","last_seen":"2026-04-21T18:12:11.769926Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/common/getCoinSecondList","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/common/getCoinSecondList HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:42 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"1114d-6c0PVMUzBkbEIQZuhbUtw7cLhh4\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C6iFmrHTQf0cGOc80NStUGBHyP%2BjMvyMWyNdXV8x2oGHnmhgxzRP%2Fkh%2FdYQMBNibb%2B6Vr7CzsUO36DcT7dK8R4yR2IcAhlSeBzXYP%2BR1if%2FxXown8kkI6t6tEAFRMtdn6w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe57600fa1568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69965,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"964c3345b3ab58613673bb62eb424dfc","sha1":"e9cd0f54c5330646c421066e85b52dc3b70b861e","sha256":"c2027e632a5958ec605102fb244e79f1d8ffbc7be46074ead284b5db170d30f9","sha512":"5e125d3e807227103191db9b03d470545296ab28e7808277b1575273b985850431b32d96c5cf66a8646e56db520f4423a8d475a6beb7cdd46921ab5d2fc01779","ssdeep":"384:z2ljIoa7nIi6IiwfR+IquIvG8i8Inca0IEVTaIVLIfII5ZJIgSI4ZIGo6IaqI8Tp:uCJrdcdV6U8e5ymV31D8NYWHgGl","tlshash":"ab634429a738d1fd9221f2da19da791342ad32d57dcc8e0fd6ee49d122d96b7300be10","first_seen":"2026-04-21T18:10:22.467977Z","last_seen":"2026-04-21T18:10:22.467977Z","times_seen":1,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":122,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/common/getAllSetting","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"34e2de-8uQIu9WsbLpyoU95MDc0TyI0x4Q\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7ApXIAiUO5W7VemAVcOHYMFj3bxMtFbyCUuCoLFpNkY7zDcl5OrvbnMX0yqOsGJMIlaEsKKEPl1Naa%2BNfw7hnPGW3kupNG1pgX%2Bk0qT4AWVUY3exmCkZocbdU6IZ2XyNeA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe57601fb0568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3465950,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (57948), with NEL line terminators","md5":"089d4f02594684865e41ff4b00f34f46","sha1":"c1389a7fb2be21894bbdd15af6ff42320692ab43","sha256":"6b1e1d2705cf016a539c5f51a1bad0911a1c791ded1fb2c0a89d910edf37d4fd","sha512":"ba7b6843657a96a8c25ea8806f24cbdadcee7fea274af1cf98b37095a47e8949dd39aaefb935a04c1b022866f594f2e678a3ba572ffb8af3ac65f6334684006e","ssdeep":"24576:3uBMwZISuXoIIgd4ij0IyRz+57YwUdv9w5ij0i:3uFkXoIIbnzS7YwUdvmi","tlshash":"1145cfb6c1d7e3ba83d115ec1c345383aeb848dbd38e6b16034edcdca19886851be576","first_seen":"2026-04-21T18:10:22.468937Z","last_seen":"2026-04-21T18:12:11.795172Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1191,"receive":2027,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/phone-mockup-CPfpb_e7.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/phone-mockup-CPfpb_e7.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 261581\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:31 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69387-3fdcd\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=APVgDClA2agsEjchfTrNCX%2FxhLSYPEWq6Tlop7CpCNAxDC3EvupmoZVS%2F3XiEeZAb9TX6IhX6BqAeq0cqgjc1IlFhh76pd4u%2BO15EBCgHtcDty6FlAuCewfe9B0Jdaikug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe5773fafc568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":261581,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 520 x 1073, 8-bit/color RGBA, non-interlaced","md5":"3e14c28536628aa6f2daeb570847935b","sha1":"bec850de8e78d4e079df7a63669034ab9c2d742c","sha256":"95d3880d87d433ce0dfcf6e01249aab632f918094f177d037fce4f81aef5c548","sha512":"9eae404fdda53d8675ffb4328692d0c35a3db0269be1b1da73b0a5f1845060804d556123b2c4788f19c662af2a91ff45ce21e0af960b8ff8101495cdca47e63d","ssdeep":"6144:4WW67gM3Q5ss/10nRyw5V46IhmxEopl80:HWzaQ5sQ0Q6Xp","tlshash":"184412f4b20ae26d07969938ea0c9b45d656c3dfb08b36baf98f5046259ff314479c03","first_seen":"2025-11-30T14:17:39.769779Z","last_seen":"2026-04-21T18:21:48.759895Z","times_seen":19,"resource_available":false,"data":null}},"time_used":2103,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1154,"receive":949,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Low_5-CMIV401Y.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Low_5-CMIV401Y.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 5165\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:30 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69386-142d\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TzzpZ2ga%2B9qVpxk0iGj%2FsX3pfhm4n1D02lvk7nq5LmwJk%2BCtuyxg0ZI9SYxAMR0HQl91nxRyG3ERjZfuwxUPnjueeLW0pNOeZ8gbdp22Mrd0jTnzG1bNc3cASSiHM3laSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57751c80568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5165,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"8c29098b3d0e9ab466eb1881954e3d7a","sha1":"c8ff881fad14961afc827512e7aa876786992750","sha256":"d4a27de602d5c456720fad40a77b4deab49b1e79572473f835ebaa045d8d6a50","sha512":"f4f0843eed3363e5fa1723ea594014e7996b084db145b0441c9b4de081841b3b07518517424adfc1b8e35a0e2fe092f43ab261aac4b39fe2a0c0a2a8c673262b","ssdeep":"96:4SAnqpFPEsnjf4nxVqQpsje9GE2nBU2Jhe+W/WD7Y4kbPJdymXr:4SAGzMnxVGg5Qh9D040xdysr","tlshash":"04b17cd73931c365649dc920bdceb4c3c42f6038729631b90b74ed52c86b804919bf69","first_seen":"2025-08-26T17:46:37.22518Z","last_seen":"2026-04-21T18:21:48.828198Z","times_seen":50,"resource_available":false,"data":null}},"time_used":896,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":895,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Low_13-B2HuoVrN.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Low_13-B2HuoVrN.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 4262\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:29 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69385-10a6\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EKyX3%2FbjJmK9sYSlr2zzY%2B05QR3s%2B4XHRrlBL86AQyDUK2fnIj6Sf%2FtOm9QYDIV0O8uD3qct9aPYw4XjfbAuNlT7awmHjb3Mw1DAGHy2QK14qnTY9rLj63fjIXV3hYnkLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57751c8b568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"1e225322486da698930459293f9cdfcc","sha1":"09ca6066e08ce08ffc2a2d04b6d14d9ec9dafe64","sha256":"8151a3f93d70e3de89de9c9e95e0bf697d1a7f541d1734ba9df79ad7c58762a2","sha512":"bf2418af78b8d093f7560802048801899d09c5a7563c91d2d419020450598059f4ac777e7437e55c1b4ca37b71b92faa1cbd119a448b1cfc42b130a0f5986d08","ssdeep":"96:8OSWmUdZeggw367qTNvFnH5FaIeZAPjseHGYderXJNHNaw360UjtZ1YttBU:8OSWPZbjH7aF+Pj9GrXJNUwK0UjiZU","tlshash":"a8914dccd8d52f85aeed6e6ad4419b55573e1dfc9c149d8a34b0884a9c4037cb120e6f","first_seen":"2025-08-26T17:46:37.269188Z","last_seen":"2026-04-21T18:21:48.814275Z","times_seen":50,"resource_available":false,"data":null}},"time_used":879,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":879,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Low_7-MbUCZvwK.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Low_7-MbUCZvwK.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 5172\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:30 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69386-1434\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dmq5iddHMG7u09c77VblhaxlbHPWE2bWGV1gHzqrOQTqWdPTSNGd3zjc%2BOs%2B%2FPSHwQsSj6sNIRgGuoAKHWA%2BjSjcBL7JJiUmyC1M2lmZkPwJURtFM79N8ZK%2FUk8baOwHJA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57751c82568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5172,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"e38075ca6aec6851335c8a616c6f9496","sha1":"8152c7c77e00e84bfbf7d6f39fdded8ca7ef7c26","sha256":"6a3049f60479030d5b33caf22b842537e58c8dc871bcdfc6db2662c4edd005e1","sha512":"e5daec0492c9a3d5190d6722f142b72b6e855d97ef773601fdf8357c498ac740e7adec9a209221dec86b9d9ff6c5f4b17d729e80598d76ce858827b966aea75b","ssdeep":"96:8OSiMd9yT+70vrsi4pKQsMRjUUBdFvVhLf8Rbk/6jJ5qVVwVMUVycXg:8OSiM7xq/cRjUUtLURb7jvpMYXg","tlshash":"33b17de6e9f51f410ed83cb149fe70aede5bc07960a27e1c3468aaecc5254e38ac0941","first_seen":"2025-08-26T17:46:37.24529Z","last_seen":"2026-04-21T18:21:48.810897Z","times_seen":50,"resource_available":false,"data":null}},"time_used":882,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":880,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/common/getWhitePaperSetting","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"61-cs+4cplKS5Kv5Mt4z+cOezR4Ixc\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AvK5wLA1vJASJglQHGkOY7lMxftZNa4JQjQQ3B7dXaF%2FXmVNMJA0uHwfL8MJ1aVyWkmAQtN13FUeyFlGljWT1uQyXx42YuLlENixH99t8kXqMLessoK5ZdCJ2i1ZOhyvcA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775ad3b568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":97,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"515be3ffaa24c39d6b68bab07de80003","sha1":"72cfb872994a4b92afe4cb78cfe70e7b34782317","sha256":"3293b1dd5c12325b3e12cac1ec4b0963a9e7e5c61ec93e329950308f65974124","sha512":"72b34bdf9aa7cf9f9c2f01ce62cb043e5ca2536ebae1e545d865a857430d3869d4b1e007242470130093fbfd5be67b86e6c5bb2b8ab242f370856511b64e59aa","ssdeep":"","tlshash":"24b012030858cfa29d0ba7c86006030b48ccd52dc5c10612d80c543c7d080585049725","first_seen":"2026-04-21T18:10:22.472446Z","last_seen":"2026-04-21T18:12:11.713308Z","times_seen":2,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/kline","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 54\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":54,"data":"{\"symbol\":\"AVAXUSDT\",\"interval\":\"ONE_HOUR\",\"limit\":50}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"1644-fqhBL/fQMom/i5xCy0+SrDOKqXE\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b7Xzk4xqmMvrmVpZHvWrbmpc3w0MoV85sf92kU3n6kYR%2BDdSU%2BGYbgnTvBLp1C0NWl7teoJOLcZi1GdVXFOq1fLBObnPj%2BL9vAMtkZSpKW%2B%2BHKMqKc7rXSPaF2o%2FHiK2cQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe5775dd8c568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":5700,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b7809951f8c5352a3de620167748b61a","sha1":"7ea8412ff7d03289bf8b9c42cb4f92ac338aa971","sha256":"fe40a6c137975817af3349557bfffb4c5d297f875673f82423dda6a06a5f7bf5","sha512":"30cc141c8a48114c12d6cf675b360aa7cd5f17e2cabedaa14715562c7af407f2e1416a22e8762bab1986e6ed47a4a6ffac0a263f834867c9e2800ec46c2146de","ssdeep":"48:Yd+1J24lzdz7zcVnXT8PnN1HyJIPuaB5h1rqNfkNAjsxw5b3V87zpjIYIWbvDXU/:XJPkXcjJAliWWS296fvh","tlshash":"bec1b3221aacd0b4e633aee62b53b991d51d78b799cd1f25029c5a303de063f85783f1","first_seen":"2026-04-21T18:10:22.473355Z","last_seen":"2026-04-21T18:10:22.473355Z","times_seen":1,"resource_available":false,"data":null}},"time_used":973,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":973,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-21T18:09:37.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:38 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 01:33:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dgnTfhQ8%2FU7IyfXbFrxesEGlcNuvSiqxmu%2Fkz5gajmpVzgLjl54xF%2BGlUtXdGb4lchqwxbuBVTZ07mhZI7cyulk2EnPcVlFZwn3geFQiQ52DiK5q4BIelwmG%2Fegbsy6TXQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9efe57407e3d56b1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":256674,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (600)","md5":"6e4b324ef60a706401ba4ab9b766710a","sha1":"bd884a5ab9c5b8286a91b8914f54c3476e5d766b","sha256":"768af5416cc832eb174e0600713b1d2a93f8a701ada33ba9604b68d07f6a451d","sha512":"4a0ae9bf80e30f9227cf91677d27e4c067a9bd6748d273919264f4d05e8d6e89c4b35771b6ca4daf13bb93263060e6796a94cc69d71096982a93afa7ecfb6d06","ssdeep":"3072:q3uTAPhzOAKHV4CQA1xSFWPRyndhccIJCbxKHrxGHjPhC:qy5V41A1xSFWPRvHrxGHA","tlshash":"104418aaade310316913d07e57ef6205f6318013850add243e5c93486fd9b6c86bebed","first_seen":"2026-04-21T18:10:22.474352Z","last_seen":"2026-04-21T18:12:11.709304Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1318,"timings":{"blocked":66,"dns":44,"connect":1,"send":0,"wait":1185,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Login-B_SJkevf.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Login-B_SJkevf.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5gYYSy1XiaIrA546CU9ebXax9uCr2NHJXMtBYuUHu0XfysuSA74b6MRLRaShSvV9YVRRt6ahcegemGWXmTKPcttuUvCo6SbWPeXrINB7G7EXKYi7PgTyWAAh31PEHK8K0Q%3D%3D\"}]}\r\netag: W/\"69e18d5c-e5\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783ddf3568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bae627bf13d569007ee014e7d11dd7c6","sha1":"b4351e257b02d016d18e9dfffa5a140f2fdbf144","sha256":"aed61187cbecb64a4b81f27208a0f93dda0961b46cb91cb6d6519def51cee05c","sha512":"77784ddbb35fadd017a3fa5b153e82e690d61dc49e698369fa33cc6bf98bbb84f9607b94cdf6a645096fe5fb32e957e6d9a46017fc2a5303a1146275a1a1e738","ssdeep":"","tlshash":"89d0c904755e142189b7866058d1c9980aaaa3d3363b88a833c356cf6f8325a642f5c7","first_seen":"2025-08-26T17:46:37.226419Z","last_seen":"2026-04-21T18:21:48.798788Z","times_seen":35,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/TradeLayout-DtwBVIFP-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/TradeLayout-DtwBVIFP-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z%2BpINGqd6zpGcEuPbebPRqPGNY9mUFeVChbaUbSzUIRfm8QK5Z91j9z0TbLqpratGOUwDPWph6MkKYOR%2FvaXD%2FHK1xNeSpHeF83u2PYLobzfqRvWgZcKr9KJ430u6qAKEg%3D%3D\"}]}\r\netag: W/\"69e18d5c-654e2\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5783fe2a568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":414946,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48010)","md5":"e7ea7fb68cef2589fe4ed680e91d1298","sha1":"89a670b4c3169dd12f55b9f44ba94a867fb0d2ff","sha256":"e4ef84016867668a7831b978d64a571f8d51ba0677bcf7a34a7bd3976805ee9b","sha512":"7594824cdfdee3ea730a90ae7836ab2ff7328fd366a28216fa4472c226a8a866487e6dbc743319e68de6ccc1c3e8c087b94ccc1cc39f81c895ed282ef1e0a59f","ssdeep":"12288:G37MnWzG2+iFeq6Zz6uSx6c92e1sD5skF4:GrMnWzG2+iFeq6Zz6uSx6c9c3m","tlshash":"1d94e580b162e53993f391b5107a0401e3197f89b40685adf27dccd73eaad9a71baf34","first_seen":"2026-04-21T18:10:22.454661Z","last_seen":"2026-04-21T18:12:11.792307Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":411,"receive":1197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-DehamXAc-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-DehamXAc-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KuHW5TdCSittmAWi%2FZ75wjNrh9yLUX3jaRqGj9bSaAJUhmoqY1teM9Jng3DOEqeObIEu5UtO5tOYaRJyBk4TP2aKY1067XzNGNYvl9eQmBZr87f6q5p3Aef3E7A%2FcWUy8g%3D%3D\"}]}\r\netag: W/\"69e18d5c-523da\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e50568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":336858,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"dcf16ea26b2ef7492cae8b54c03efead","sha1":"18ecc953c8211a2a53445f79cab61b5a3860e568","sha256":"d092a071ec82e8153da63e8da6e8d64afdad923c5148904aa665e2dbd6664301","sha512":"c36d9d90dd331e446ac12f79bc79306455296dc6d432180620b5328a911006247e2bbbde1e4c2c42ec41cd2c06fe8f5d7e2bb553e8ae5a36bdc9d2c30f01908e","ssdeep":"6144:rCIIxjxeOb8RhWxM4e5usAdBDt27Y+jYFrBPW/5khijm7L0OYm+mKzFw0T3iTTv8:2IExeOoRhWxM4e5uswBDt2M+jYtBPW/5","tlshash":"67641a847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-04-21T18:10:22.476013Z","last_seen":"2026-04-21T18:12:11.734352Z","times_seen":2,"resource_available":true,"data":null}},"time_used":2277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1200,"receive":1077,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Footer-DuAR8kIW-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/Footer-DuAR8kIW-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hi8cEE4vecjE7jg2nKPZvF8X2bIdqnCbj1%2F9J8Z9UB4r8jGOwHxOyrWKlQkrVaQpalv9oFcFmf1OV1HLkkjpsS6Dq0SbBcLG82fVaDTmIJro3r4DEir2CL7ZoVwUf2Gz2Q%3D%3D\"}]}\r\netag: W/\"69e18d5c-2cb9\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5760580f568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11449,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11448)","md5":"123809744f04e3e0719ad621a769dd5c","sha1":"0c1f9c6d73f5128b8b164ec4997b34d1a2dddf1b","sha256":"4318f1a011f3c3dacd2e97035845448bf25e454bc6091d5658007ebed73ca67d","sha512":"ae48f1aa9ab249d5f2db1b11cb5d7eb6b71ff94635724ad6c56e22035b6002c254f469b099171c73877414ba80daf5bd819257b37dc34c99cee5e4119bfeac40","ssdeep":"192:v1vNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:9vvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"65321a057973c9f9c6b784b5b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-04-21T18:10:22.409902Z","last_seen":"2026-04-21T18:12:11.711302Z","times_seen":2,"resource_available":true,"data":null}},"time_used":891,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":891,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/api/common/getCoinSecondList","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"POST /api/common/getCoinSecondList HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://aiinvest-tw.co\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: satoken\r\netag: W/\"1114f-fRtxcUIzB55DZ8mh6I66qac62z8\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZIxnkm42lxa01eck6ujqjHKHtkKVjt8JRZB%2F4reZdgv98nbNtbztMhUfYEaKzqkohKQ%2FMWKl84qiduvbMedsYIkQ6o4EkjoOUx3RAwzGK5%2BKKVeNticZGyfVC01d1xqmiQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9efe576d09dc568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":69967,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0fcd14f97da2b7ca2a40df5fd9f2ef7a","sha1":"7d1b71714233079e4367c9a1e88ebaa9a73adb3f","sha256":"c6ad9fcd267fc365c78e1d8c97a121211a30a857c854c748cb85e51bca8371c4","sha512":"3bd7405e5246e3656ee6e968f3197c2c997e70bca006013a3a067121e5e4f6ba472a48fc2b343085e52598d31e4f4e2a88d1740418a26e0e5c8b7dc4399d1c7e","ssdeep":"384:z2ljIoa7nIi6IvnfR+IquIvG8i8Inca0IEVTaIVLIfII5ZJIgSI4ZIGo6IaqI8T/:rfJrdcdV6U8eG0k1D8NYY7wl","tlshash":"76633329a738d1fdd261f2d619da791342ac32d57dcc8e0fd6ae49d122d96b7300be10","first_seen":"2026-04-21T18:10:22.477301Z","last_seen":"2026-04-21T18:10:22.477301Z","times_seen":1,"resource_available":false,"data":null}},"time_used":453,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":336,"receive":117,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Low_4-Br3Z_v1E.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Low_4-Br3Z_v1E.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 5210\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:29 GMT\r\npriority: u=4,i=?0\r\netag: \"69d69385-145a\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Aq%2FexdhLg83i5d1dSPLj0TaTZq9l503HY5pFX9wdQCkDT1H%2FCMAyQinP%2F2HFHELbIu%2BuvEGMTOh2Gm%2B2pP%2BwtABLRyT6lq3xOhezyRROm2%2FmXPqF44NAdA1XZb44V9cu8A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57750c7a568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5210,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"95b8e27073c3c6e483b1a0609d083f9f","sha1":"2c4ef32b62fecfcb1cf70e0676f088c54a7d5fa7","sha256":"cf0f9d03ca1dbadd2bf8035de500cd44cd22693a30f552beff3c1ca19b014a5d","sha512":"bac6e493131b8b30a759e54276893c3544058d4a2540b7672013d49d5e2b3b6dd2a6ac21982e11ca156f7c7e0d8e2812b751cd6e3f8d1ac6189da8dba35c5a08","ssdeep":"96:8OSB6U77P8HDm2GqvjYUZKKmqVvLf8vPI1nlr8HznVGkvarcO12ReC5biF6vh:8OSYMPoDm2GqvLKKmqVvLf8vPIdlkEJ+","tlshash":"65b17dd37a01d0832e56b85bc39aeb609963344b87126a04edb1edcc1496ece0fd4ee5","first_seen":"2025-08-26T17:46:37.277551Z","last_seen":"2026-04-21T18:21:48.805224Z","times_seen":50,"resource_available":false,"data":null}},"time_used":885,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":884,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/index-DehamXAc-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:49.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/index-DehamXAc-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A3uwlaXPkKEOgIDPCWgkwXg83oAMkezjAoVcZ%2B2Zq%2FPSWqfqHwkje7gTV4W4xH06BikIuPqkpEW5dhX6WxQh7lmi89OFnhBzArSLrPJm2WQVTl%2Fo%2FxOvpMfoaCA1cFfiRQ%3D%3D\"}]}\r\netag: W/\"69e18d5c-523da\"\r\ncontent-encoding: br\r\ncf-ray: 9efe5789ac9e568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":336858,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"dcf16ea26b2ef7492cae8b54c03efead","sha1":"18ecc953c8211a2a53445f79cab61b5a3860e568","sha256":"d092a071ec82e8153da63e8da6e8d64afdad923c5148904aa665e2dbd6664301","sha512":"c36d9d90dd331e446ac12f79bc79306455296dc6d432180620b5328a911006247e2bbbde1e4c2c42ec41cd2c06fe8f5d7e2bb553e8ae5a36bdc9d2c30f01908e","ssdeep":"6144:rCIIxjxeOb8RhWxM4e5usAdBDt27Y+jYFrBPW/5khijm7L0OYm+mKzFw0T3iTTv8:2IExeOoRhWxM4e5uswBDt2M+jYtBPW/5","tlshash":"67641a847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-04-21T18:10:22.476013Z","last_seen":"2026-04-21T18:12:11.734352Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1370,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":294,"receive":1076,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/ForgotPassword-tn0RQdqM.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/ForgotPassword-tn0RQdqM.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: text/css\r\ncontent-length: 0\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\netag: \"69e18d5c-0\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ntCki4PGIFSklVqGB1Qh4wAyfrj5AZmZ20EFnqMOi5qdeL9rGihFa%2FBus8SMYKmMTl5%2BkX3cfLw0NcVFsAPpHFxxooXyhrPSWXB5ew9u3eWkKNHDvKrD0pBanE%2F%2BnZOTFQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57603fd7568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T22:09:25.934933Z","times_seen":14033814,"resource_available":true,"data":null}},"time_used":883,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":882,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/index-B4CX758G.css","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:42.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/index-B4CX758G.css HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:43 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qimOup3EDN7MM2S1FuJsFSswJ8ksiKWPfqe1Fb6oK7M54d0gl2d9LcTMs3nZX5vKLPbOCG6k90zfVWX43r9NmkNf1vWtXq8%2FZeG%2FmLo7%2BbseZLUQs3KTY20344QE%2Bk3BhA%3D%3D\"}]}\r\netag: W/\"69e18d5c-22b8\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57603fe8568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8888,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8887)","md5":"365152d1a172a0dee690e108c0e563d9","sha1":"19387e4993b29c4ed320a2b31b0d33fea2606df3","sha256":"249b413b72e45131c9a2d1360e03b90ea3b11bd380bdd877b5ab6c99fc9694b4","sha512":"838b657752953eb242073129b94d1fb5fb8f2a74e112c99ca25f34ed39e5301c9835c5d07cc4c0a16673293e84acae267d61e61bba5a77848da0a44c2a8efebf","ssdeep":"192:fpKymUJbiKnehJTJdKSme+jeH1Zpbw7GHKY:fpK/UbehJFdKW+SVZpbXKY","tlshash":"bf02b630a3181c27a277cf155694e6fc5e64a123cbf7091ce2406e28dbfa5f4122eac6","first_seen":"2026-01-30T06:58:07.052438Z","last_seen":"2026-04-21T18:21:48.776878Z","times_seen":32,"resource_available":false,"data":null}},"time_used":900,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":900,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/assets/Frame%207-Y2WnO9cd.png","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:45.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /assets/Frame%207-Y2WnO9cd.png HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 4263\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Apr 2026 17:42:23 GMT\r\npriority: u=4,i=?0\r\netag: \"69d6937f-10a7\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zeoyjHGRKFmIY8L4czrq11EdxGZb7YxUDXdW9144jVu%2F0DsWuqm4ehD6%2FSx6gNd3UOgEaYcykDZcdtravZM3MZ3v6hpKw5vWhvsBLa1MQWnmp58foJOqJo146U%2F5yOk%2BdA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9efe57750c6a568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4263,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"d5e5104db484a25110af449819dfd7ff","sha1":"d71c6ce1c4710fc41fd1c7e3528f71ef71cc6232","sha256":"19b5705c4832fd650e2dfa032ec9c31ae647eb51a7cfb6a8bdf91dfc3eb048b0","sha512":"4579d3e6605dceceb2d3c18ad431ad534b51f3a3a4f40dbee08820407dc3f97ce488136b6709675e6a84d6c58427a923d33fbd4ecaabe8aee935af183186c204","ssdeep":"96:4SqIjc9/X4edqkPCETKZ2OC+vk+YLoQh9skSY6gS54+rQ+:4SqIjc9/oe8kYZpV8QQh9ZSYc5xD","tlshash":"28916dc0bffd596ec8c7e8e4e585a48b6c7724acec5dc1088c71892e8575e331262b54","first_seen":"2025-08-26T17:46:37.295193Z","last_seen":"2026-04-21T18:21:48.833352Z","times_seen":50,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-ZroyYXz3-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:48.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-ZroyYXz3-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BaQwUUdj%2BygehlEjNcsbMX6haUbSEgzxyWA1zWy%2BkhdgLOrWgD212U3OoSBYlCrFPZe6Jgw7DY2c5lleArcgcqimRjfjMdU01OEdmJVTRT7qLcvg88LWRJoBmReVzkaL5A%3D%3D\"}]}\r\netag: W/\"69e18d5c-5f1\"\r\ncontent-encoding: br\r\ncf-ray: 9efe57840e51568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1521,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1520)","md5":"f6663fd3b0bb85e3ab345b7fe697fb68","sha1":"af6fc72189184d9cb9e46b117a422aa8568ae326","sha256":"516fd516183fb68fe521ae71d1c5cc591500b191d236dad61d8e39195e813622","sha512":"9ea86da22b13cc4289f63053217c369bef34d518b9b8310c2f8f210d5ec22c55b62c9a59b8882bf4fe26ec4a9a1258e95a5b6da2ea96adf9bba6e9a22ee3f0f4","ssdeep":"","tlshash":"bd31420d9073cbbc95a391391b4a2168d2847fdada708bccf36c14723aca9b7592c640","first_seen":"2026-04-21T18:10:22.444504Z","last_seen":"2026-04-21T18:12:11.68025Z","times_seen":2,"resource_available":true,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest-tw.co/js/Calculation.vue_vue_type_script_setup_true_lang-5GWkw2Iu-cf20260409.js","fqdn":"aiinvest-tw.co","domain":"aiinvest-tw.co","tld":"co"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest-tw.co/","date":"2026-04-21T18:09:44.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest-tw.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 23:28:03 GMT","end":"Wed, 15 Jul 2026 23:28:02 GMT"},"fingerprint":{"sha1":"B7:D3:5C:B5:80:20:DD:1D:FD:B1:88:3A:78:04:FE:A7:BB:EB:3A:7D","sha256":"91:6F:8B:3D:A0:59:F5:2F:5D:42:AE:F1:DD:1B:D1:1E:C8:D5:68:15:88:04:7B:9A:E2:BC:71:E3:CB:9A:B7:FB"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-5GWkw2Iu-cf20260409.js HTTP/1.1\r\nHost: aiinvest-tw.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Apr 2026 18:09:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 01:31:08 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cy%2FDnIhKIjhjxraDV6RzvOVU%2FlK%2BObMYoxYIi5t7IUfx9obb37IYV1RjouV2N6myIoSIyOHrBw%2BuJsVpKH7IxAIUNr8Lr%2BiBGSXc3ynKdJxPraGRiRpoT6pt3PzDSGfK%2FA%3D%3D\"}]}\r\netag: W/\"69e18d5c-5007\"\r\ncontent-encoding: br\r\ncf-ray: 9efe576c9949568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20487,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20480)","md5":"6f7e5c9e3eba8f1a55f5ec6403ca71b5","sha1":"554e652b36735305ef153d3206b1b50f0e60a554","sha256":"47e92072e5eddbeded659a54e8bf09ae77969a6f10bc9392626cb6bb77e5d5f7","sha512":"e99927b83ef449596a29be1118de6eebac4e44bf00133d708f0d74276023fb3a24d7858ad853eab1e832ad3ada4383d2db70f3dae17f740186db1f9d5d03ae8a","ssdeep":"384:dWSYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:cScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"f192b74db252db3ddbb354f1605e1014e0087fcad426c497a1bf09933aeeeb11a6967c","first_seen":"2026-04-21T18:10:22.404645Z","last_seen":"2026-04-21T18:12:11.738969Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-21","alert":"Sinkholed","trigger":"aiinvest-tw.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}