{"report_id":"8b1dfe47-30b2-4c61-a7ab-10adba0e8a88","version":0,"status":"done","tags":[],"date":"2026-06-17T20:20:06Z","url":{"schema":"http","addr":"weexairp.com","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":0,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"https","addr":"weexairp.com/","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"title":"Weex","dom":{"size":101841,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (40140)","md5":"5ccd8d6c58f87567705a6ec3446c9d42","sha1":"8646d4188f1fc4cb7ea57accd57be45e1db42fbc","sha256":"1aef4af75e648f640aa885c76246c430ab9ad08abd3a9b32f479d59940a4a5d1","sha512":"6e1bd164b6372cd97be0a435ea98c4a8381f83806e65effa75a75c2a4c090669c704fb74c13603509d41b343865f98698a8fb7d26a4ecccf879736b1b13f95f4","ssdeep":"3072:j1IhrOZvDPRGwlD6c7YKgcok6xV4hk3YboI22LJ00UAnkhkZZQ3UV5zUcI:j1IhrOZvDPRGwlD6c7YKgcok6xV4hk3l","tlshash":"bfa31a60ed0053bf503bc5e88958ef787fa1b949c15d6ab9bacc56003bc6de36871839","dom_hash":"domhash3f7d48d8a5867f4b3ad07f1631186973","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"weexairp.com","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":0,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T20:20:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"api.vveexhoutai.com","ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-03-30","domain_rank":0,"first_seen":"2026-04-09T16:59:51.076148Z","last_seen":"2026-06-15T11:15:38.64121Z","alert_count":0,"request_count":4,"received_data":2008,"sent_data":2236,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"weexairp.com","ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"domain_registered":"2026-05-02","domain_rank":0,"first_seen":"2026-06-15T11:23:16.571884Z","last_seen":"2026-06-15T11:23:16.571885Z","alert_count":66,"request_count":33,"received_data":2606835,"sent_data":15905,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"admin.vveexhoutai.com","ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-03-30","domain_rank":0,"first_seen":"2026-06-15T11:15:36.055369Z","last_seen":"2026-06-15T11:15:36.055369Z","alert_count":0,"request_count":9,"received_data":1330524,"sent_data":5137,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.font.im","ip":{"addr":"172.105.196.206","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-12-21T18:41:17Z","last_seen":"2026-06-15T11:15:39.17795Z","alert_count":0,"request_count":1,"received_data":57524,"sent_data":592,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.font.im","ip":{"addr":"172.105.196.206","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":1774267,"first_seen":"2017-10-10T13:42:53Z","last_seen":"2026-06-15T11:15:38.97335Z","alert_count":0,"request_count":1,"received_data":1496,"sent_data":523,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"weexairp.com/assets/LocalesSwitcher.vue_vue_type_script_setup_true_lang-BVSUn7FD.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"763b39e7293303164a4220b7e92ed65b","sha1":"951a9342e7ce2e5b32d206b87f0331c5005741ad","sha256":"10a72d35714ad9755951e9e91799a7d70fa5fcd9eb94bda1b8decfa7d8d6846d","sha512":"a83f62e6c2f99521eed872172e1f45cd828e7a025a76fede3d34399c51e5a27cccf0d0689292667fcd61a352d36f5eecbcfe36cef81d7f1602b0c095cb76e67a","ssdeep":"","tlshash":"4e01658a785b4bbd732d6880c8270811411e5eaa6578c9d1503b8c342f5289897e85b8","size":749,"data":"","first_seen":"2026-03-28T14:54:57.966975Z","last_seen":"2026-06-17T20:20:10.481317Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/HeaderLogo.vue_vue_type_script_setup_true_lang-DISO7C1c.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"67aa7a95155ed885f483bae2ba706b2c","sha1":"d76d5575f97db2da6cbd153fb726d67c00caa068","sha256":"7d4bac5fa53d12d4035885b45fe436033c066eb93bf0511f815f33b029761ae8","sha512":"cbd01baf752909f2c9f84b8b7418fc267981fa15d03aa8318bf6318388e3bfe7097e92c2e0691fea65f933f0b5e93227b3bd809eab660b900259c007be35c938","ssdeep":"","tlshash":"b6d0eb8e9c9a83fc5234888cb82304012a8c06a93325ccf8ea02cd326ffa044a59c218","size":280,"data":"","first_seen":"2026-03-28T14:54:57.971947Z","last_seen":"2026-06-17T20:20:10.492655Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"eventHandler","is_inline":false,"md5":"e56ddbb05a974a6bc5ea44661e509a21","sha1":"448d4cb69f9441e10731b1ff4aa9dc81502589bd","sha256":"1759e8c6c2ce9c987245281cd33bb9260ce82e31b604131a5da486db89369913","sha512":"a3b2b0accbc0f18d13fc0eb6d742a5bf00a9614399e05b97b96ed0963e7d29b5868f73ef541c5f5bf8d125e7f7040d03f39cc853a52ffa2f1e2ebb7a20165242","ssdeep":"","tlshash":"7b700008080000800a002c00e000020080c2000802202008c020a8a0082c088808f800","size":21,"data":"","first_seen":"2023-04-10T22:51:51Z","last_seen":"2026-06-19T17:12:51.039958Z","times_seen":46377,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/MainWrapper-Bk3Q3YSP.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"1932208b6d27c35960fe51fe824f8681","sha1":"c26205d8d3191df87279ebe5281716dd77d879ba","sha256":"17e8e67d667a6c6ff07c238c6ac0ce1e3d13683b4691549679209620b304fac7","sha512":"e0193a8a58d19aa3a9f95872cbe89bf1dbe51176e7e2c37f930f6692f37cd29e93b3c9152cb68648e5b56b25eb0acea0767f5113cfaebf8b85ff7937a8152028","ssdeep":"384:ElGGJHRxrOIS8RfO7/6EJ6X6D+IzQ13BNIHMJ2CQMtXPk:ElGGJx5OISaS/ZJ6X6aIzQ13BNIs0CQX","tlshash":"83420894b544bb7a537745d1801d8480e2290fcef9d4a1d8b3e7de6c2b868b4235bb2f","size":12425,"data":"","first_seen":"2026-06-15T11:15:43.71547Z","last_seen":"2026-06-17T20:20:10.487823Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/HomeView-CzTYVt6n.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b1358e4e9426c50da164ae9c1113605","sha1":"92ef2b4d0f9540fe8041df80fb20096ede10bac8","sha256":"c28c4d5d40a2ca825ec24ce073ce92b3a46e8650ff39e586a53733e592158f98","sha512":"d08328cee385a3ba3f2e79d0137fbba708348c123b199cd77295002f6d0803c733f6b3914a3ccd8a075ec56e39e0d4906a9c8d34be81866a7bfa6a1a980528cd","ssdeep":"96:j460mAgm25VjsbEUylLlyStwHZLfRUVPfiteH8SPvPqc6uUUopPHl8WY4qBPnx4j:sSAmjzUylkVG9DNiUUfp+xE","tlshash":"03c1b60d302acbf9e0b75654b462849062b89f9dd170d916b0ff48313ee6ca685ddb7c","size":5832,"data":"","first_seen":"2026-03-28T14:54:58.000816Z","last_seen":"2026-06-17T20:20:10.499031Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/config-Dvz9uSFg.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a7f97545ae57588854195ab20135a19","sha1":"1c74eaf20aaeb39d8bcb869481639bb4ee66f4ed","sha256":"dc6d6fcbb7862ddd807adfe7bbf9c7dab48e2441e2fc6c86331f409560b9f008","sha512":"a04346fa29920d08741c03d64977e570cd3e8a2f0509bc853eb2dbbd142181d308062bec186bd1427c27f4411a12bc9042d5ee084b114549e0d64857f5fbe8a8","ssdeep":"","tlshash":"8fd09220f5110379ec0ea7c85601645ac3ccc416a5e49dc5f0b51c072f56f4d68f8f3a","size":255,"data":"","first_seen":"2025-12-13T04:04:45.155858Z","last_seen":"2026-06-17T20:20:10.493724Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/CellSfc-CCo4Fc3H.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"2981f0d04f011dbae2446322dbca63aa","sha1":"62e78d2fe09673165029525ffe3fcc5c7c17b18f","sha256":"934d792c298c08a3991f42c53091a041ac633621c843274911c3d39a35e60a5a","sha512":"9d5f24544fa1d39ad3ac4fd5fd53c99eddba5ca585bfd53cabd9aee3cf6625efbf6f8e1fb860cd63588fba89d02359e10d7c2b22124ecad3b2f102c1c185803e","ssdeep":"","tlshash":"fa3160683c04877b88a7a085e45c1c08b1f01f4dcc6080c27ff7925eaf156a99bea21c","size":1771,"data":"","first_seen":"2026-03-28T14:54:57.95262Z","last_seen":"2026-06-17T20:20:10.500136Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/index-Dcs7rQkh.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a5f825fdf732ade09202b545d0bcdf2","sha1":"2b74d0106bdddf88516cf61d264c3e59f051988a","sha256":"13b117a42f5ec618daf29d6980c0a107a092ea6f07e137e66d40e805dd7f8cd3","sha512":"e1a2842308f357b913106dfe418408460b6f87f6d95f2901b83538dcea9776f68879e54d9fb51381bcfb11f3aa36e9a18485a1d2dd734019a5e9d947311a2496","ssdeep":"49152:NnLvCZrSu3rOu0nvtdARQ224YivIAiHJ8lM3DRjiS5h8HCfI22/iq+J3Fa1dEAE2:HT9LCR","tlshash":"ed85f390b0cbe8a943dbc49454ba0291b2188d567148bcf2dcf9dc9bbce1975c2b7f19","size":1790599,"data":"","first_seen":"2026-06-15T11:15:43.750143Z","last_seen":"2026-06-17T20:20:10.502416Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/web-B8CTWZSu.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"importedModule","is_inline":false,"md5":"6ce7718e0c803526eedb03500eedc74d","sha1":"e82d6d846d0f0b67e39aacde854875254fe849be","sha256":"d0cf9997ffb37713e26601ca3cd22a23a28f9f905561189bc934d77b4f6c2691","sha512":"2a722402959217c21789a3404cc5f6aa227dd8a14fcd1503bec941f07c5a703197203160123e8061477b0ce7eb7f518ec2621f16093848a3163fc357b1688b82","ssdeep":"","tlshash":"5821df5023db6b2205cc34d0d0b2513af103b9d47c57907df06da9d11895f45427eeb7","size":1245,"data":"","first_seen":"2026-03-28T14:54:57.951326Z","last_seen":"2026-06-17T20:20:10.484879Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/MarketTabs-Sw_X6iKY.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"42b36d9794c1e6df2e3bf7371a66a637","sha1":"e2c9b3603e5e53ac8765949e10216eef84912cf9","sha256":"9580f3c91d4f257424d20b50c6d952b86a67909cae3328c2d507fda10d2857a1","sha512":"f980ae51a10a675ee15bda63c24d0c4dc4f27266922060d31433f5538b6f9a449b0f1b0e2d3e29916c3d548a69633164a942a9d4bf88299593ca495db1a65e9f","ssdeep":"768:b5k21Y42haBEuCzQ3ndQB0/O1l0yYWst8LPgGo3:J6GB/3ndQB+gRFstKC","tlshash":"d7e2e1b5824e335ac2fb466ddd8aa3606ce6585bd768602b3cdc11239fcfa10ce46f44","size":33240,"data":"","first_seen":"2026-03-28T14:54:57.947273Z","last_seen":"2026-06-17T20:20:10.493262Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/_plugin-vue_export-helper-DlAUqK2U.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"25e3a5dcaf00fb2b1ba0c8ecea6d2560","sha1":"7850b3fd4aeb69387bdb5a60025d15c41351d5eb","sha256":"cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa","sha512":"2e5cc9b53d5641147f68c73e5db0442d93fb6a64da45cfc051da5550a2fad07e912e651bd730e54325ef74eb706be0c5df612355c1dca144ab6e9cc8c4ecc73b","ssdeep":"","tlshash":"1fb012c81cc3e078939818d47738c15844380448310742b0808c0943e2c20809797c1d","size":91,"data":"","first_seen":"2023-03-08T16:39:49Z","last_seen":"2026-06-19T14:53:42.040129Z","times_seen":22759,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/swipeItem-feFPpSQr.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"313e56a32ba70232ef49963a5b2f078b","sha1":"d8dc4706861d71234b993d486ccfa35d83cb0956","sha256":"69ac3e1803e24a198d3e78ac5c70007ea15d5f0604a845687c78fd2d8d8c8492","sha512":"7f380a743d60e6b88c5bf0766368c4575cb023f188813ba3249d583ae8d590e6c564de3c6a9c22705c46dbbf77752d65719f25d51df76719bafe133e07551492","ssdeep":"192:TywIJZnnA2kRuncNp8ak0/w9d1OPMYcKobs3prdDCELfgmZ5mZERhfL4cCr:Ty5Zn/kKcjrBYlOPMYcKobsZr1smjmiQ","tlshash":"3702ca9ab954b83397370061a15908d4633b8bf89420b1e4b157af1b3de5c1c7faf619","size":8690,"data":"","first_seen":"2026-03-28T14:54:57.995341Z","last_seen":"2026-06-17T20:20:10.491338Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/featureNavs-CRJCBRsJ.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec1cd050223e167632cf512e972b1d41","sha1":"d6fe5884e55ab44184b15b2a86b7ae526563c1d0","sha256":"441fe9d1fc95cd5bdd2013f79f6758ee9919505867247f02f56a1de609be30fe","sha512":"9a6c75537fb37922e6c3e9184679e64aef45f4e7d6a9f9a7cb95841c51c6c9831e720b45b37368ea91ad3161180c85e5ab5de9795b7ae94f8f398ea3d58584a9","ssdeep":"1536:TC6P/DbzvM1HkFITVw13d4TwLtzVmOgsM/FpOvqQhYhLtrGtzLIrDITDv:W6Xzk1ZSMOvqQBnDv","tlshash":"15b3d07ed7993f7905bcc83af22a3904d8330e29ef85a4b5be9d4211fd7518101a3936","size":115571,"data":"","first_seen":"2026-03-28T14:54:57.955688Z","last_seen":"2026-06-17T20:20:10.497404Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":true,"md5":"844534324907dc8b4616dcf41dabc097","sha1":"f27a1c5ef1a88749f9500e3eebca45cf04364530","sha256":"9c881cc8e065d74367676dfec0383ba6aaa38d915f9142b22553d86bd460d50e","sha512":"9b9f567404dc7b8f96b7d454a66db782bd007d4fd1843fdb97d8c8c2b1c166e13dc5987585141f9f54901dff4ca35a7560e7c04a8b1f05315628a7b3b23dfa15","ssdeep":"","tlshash":"bb31e04ad57f10410503e4bc2a1e8944be51a01be60b4e16326d46d8df9f4f980e7bfd","size":1664,"data":"","first_seen":"2026-06-15T11:15:43.751317Z","last_seen":"2026-06-17T20:20:10.502894Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/StarBorder-Dt11GyDv.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"acd325eb79f1dc956175a4bfd3d73b6e","sha1":"82b461f7d07e5eef061303ce91c3503efb8d1424","sha256":"a7f1fab31e27cc8e12b5567138bfaef6b2d9bb70446ff1e2d91cfe1e49001f47","sha512":"0d07db0d9577e1fc815d3bd9fffe80ba58a5f95d14151ab14cd2581e48b047b21b8719a4d5e0b3e0ff13ed569c770f937d8cec14d368dd09ad7bd3c2b250be39","ssdeep":"","tlshash":"622174cfa81de2bfb7b38adc9431c85122200229757b98c4f0aed60b0650d024f9e719","size":1442,"data":"","first_seen":"2026-03-28T14:54:57.96549Z","last_seen":"2026-06-17T20:20:10.489332Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"Not blocked: Not Chrome or Mobile Google App","filename":"https://weexairp.com/","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"api.vveexhoutai.com/api/app/indexList","fqdn":"api.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.772Z","timestamp":1781727583772,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"OPTIONS /api/app/indexList HTTP/1.1\r\nHost: api.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang\r\nReferer: https://weexairp.com/\r\nOrigin: https://weexairp.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 \r\nserver: nginx\r\ncache-control: no-cache, private\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\naccess-control-allow-origin: https://weexairp.com\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang\r\naccess-control-max-age: 0\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":600,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T17:09:05.643349Z","times_seen":16553245,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":169,"send":0,"wait":250,"receive":0,"ssl":176},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/dark-cloud-dig-BOzf3Bie.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.159Z","timestamp":1781727584159,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/dark-cloud-dig-BOzf3Bie.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-4891\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18577,"size_decoded":19120,"mime_type":"image/png","magic":"PNG image data, 168 x 168, 8-bit/color RGBA, non-interlaced","md5":"552549dc60f387a23697e5bd8b2565ab","sha1":"e671f6683037bd6cb9146de1ef11fd8bb400695e","sha256":"f158a7736c3429d4f996b5c0af07da6304a23d5178b4d2a708b5cef62a4e909f","sha512":"b534e7e0ef4e53c82d8cada43566317c40876bd245e646844289186ea03a329f8ef234a176593c08b0c92ddd48608a0e2077976a53879533469ce14349034e8e","ssdeep":"384:Gvuuxj9Q21MD+8S/CeP5tvGclwVUz9USAIhzEo7T5p/+M7hlV0aN/Zf:Gvu2QUMu/CePr7lkU5USAIFEo76o7VrR","tlshash":"cf82c0fb5b9b9389898d316aa8dc964cfef36d4468115ec3b0bd4a98eb87010cf00543","first_seen":"2025-01-05T10:02:36.814458Z","last_seen":"2026-06-17T20:20:10.478748Z","times_seen":39,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/index-CR1k8eLz.css","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:41.393Z","timestamp":1781727581393,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/index-CR1k8eLz.css HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-57d52\"\r\nexpires: Thu, 18 Jun 2026 08:19:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":359762,"size_decoded":104496,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"12010c5b83659d86266ec9d3de9f21a6","sha1":"9756f9bdcd3ebc7df8961e57fadf0590f926c366","sha256":"af4cfce1373099d19d90f095ae8582893f28ea4d54956f207a7b9333a1da490d","sha512":"84e075d4317f41979528900621bcec908d3eb3899d1fab07755a4b0c7ac3784e92ae2c3706f89b291997bcd86c31ef6991d6c54282d2a6ba6e811fa98560d244","ssdeep":"6144:wDxsaZsWzScYW84SaGkLjsvqLc5/C73un2CJP5QCovZM2riElQG64xsASw9:wD1hzScYcSaGkLjsvqLc5/y3un2CJP5E","tlshash":"5a7408b4eb8086bcaf1be529cb8b66dcba3cf572ed00d5b4f10551284ac37f91523925","first_seen":"2026-03-28T14:54:57.95814Z","last_seen":"2026-06-17T20:20:10.479292Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/favicon.ico","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.536Z","timestamp":1781727583536,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-c13\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3091,"size_decoded":1830,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"dedd73544342d0b07d749d8e0c3f2f76","sha1":"298be6ceb925343fb6305fd3063a33b32ec3960e","sha256":"4f1fbd1c513f799b330d6d9c4603c525ef2702c01881952f1dc7ce5c1705708f","sha512":"1cb7d91323eb871bb9a8ee6a0f22fe5f2d759eba70307055dc19c9651f8c15f8407b20d759bdb315be3940d2f238402f47fc76f605a8f2c647faa06f530b8373","ssdeep":"","tlshash":"c9519546d4fb80051213d5787ea9f804ae11a11bd70a4e5932ee52e8df8a9f880e77fd","first_seen":"2026-03-28T14:54:57.944687Z","last_seen":"2026-06-17T20:20:10.480205Z","times_seen":8,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/LocalesSwitcher.vue_vue_type_script_setup_true_lang-BVSUn7FD.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.755Z","timestamp":1781727583755,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/LocalesSwitcher.vue_vue_type_script_setup_true_lang-BVSUn7FD.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 749\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\netag: \"69170322-2ed\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":749,"size_decoded":1268,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (748)","md5":"763b39e7293303164a4220b7e92ed65b","sha1":"951a9342e7ce2e5b32d206b87f0331c5005741ad","sha256":"10a72d35714ad9755951e9e91799a7d70fa5fcd9eb94bda1b8decfa7d8d6846d","sha512":"a83f62e6c2f99521eed872172e1f45cd828e7a025a76fede3d34399c51e5a27cccf0d0689292667fcd61a352d36f5eecbcfe36cef81d7f1602b0c095cb76e67a","ssdeep":"","tlshash":"4e01658a785b4bbd732d6880c8270811411e5eaa6578c9d1503b8c342f5289897e85b8","first_seen":"2026-03-28T14:54:57.966975Z","last_seen":"2026-06-17T20:20:10.481317Z","times_seen":8,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/images/2fcc30f33a548a2d4cb7217888bfd4b0.jpg","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.828Z","timestamp":1781727584828,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/images/2fcc30f33a548a2d4cb7217888bfd4b0.jpg HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 20 Jun 2025 17:29:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559a6e-d47a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54394,"size_decoded":45063,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1406, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2500], baseline, precision 8, 1000x400, components 3","md5":"42ea02770d28ec7d591fb1cbfebc0b04","sha1":"f49752bc3f2180ead03248be55d8b4eacdecd5df","sha256":"d8eb9137b78286b8210b64de05f71a88de58cfb8093ca6622fb4169ec153423c","sha512":"6f3392ad08cf55559d38e1cf7e94126742316936e503b4ac574b16ea2bb5a8f6225153eb472994e95a16279cc0df6c4b09da9dd22db4e96fb8099db8dde2a633","ssdeep":"1536:jgybHLUlxK+2yeUkufXLVwvlYEFxPJ8L78i:jgKlJUkuLVwdx8V","tlshash":"6c33c0127300cec6f8a9b5794de0df827751aca81bab26ab7c8c66163b717d44e3c315","first_seen":"2026-06-15T11:15:43.694705Z","last_seen":"2026-06-17T20:20:10.481993Z","times_seen":9,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/dark-fast-charge-D-PHB0R9.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.152Z","timestamp":1781727584152,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/dark-fast-charge-D-PHB0R9.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-4474\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17524,"size_decoded":18067,"mime_type":"image/png","magic":"PNG image data, 168 x 168, 8-bit/color RGBA, non-interlaced","md5":"2c9d83244083ab0459d2a066a812276b","sha1":"7ccc869a505b9315e08827a3c91c167524a54d27","sha256":"d4e2464cf463a80ef7e24b13d03a54fe221e25bd1b9e5b26fbb41480c8ea08df","sha512":"464f22236f2d16ad49b90a9703b58168c59b66810665b905149419828012822f144ab75c93a36f1392919dcee7e1d2d754e0955fed40fc4232b6807f1e4999e4","ssdeep":"384:TH7iTuBm8j3S3cAsQqTPW4gz8s057g++tgTxe5klM:TbiTuBmuChCPTgz8s0r+tgTxeCM","tlshash":"7b72d0d53f00981be3b55c5a32648f9aa36cb3cb5362ee92330c945ad8fd1c704669bc","first_seen":"2024-08-19T20:58:03.474228Z","last_seen":"2026-06-17T20:20:10.482528Z","times_seen":40,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/coin_icon/XAG.png","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.812Z","timestamp":1781727584812,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/coin_icon/XAG.png HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 20 Jun 2025 17:31:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559afa-45c50\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":285776,"size_decoded":280534,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"cb3010c34e02364c510c762a9e0fdaab","sha1":"b251d6dd0e33cfecf6079d9ab7f4b4fee654080f","sha256":"62b4a9870542ee3bd8f8da172733ec5a43287c0a1e7f87e355a627854c060910","sha512":"008b88fd62caef3667640e51376689079d9ffdc20f5557b2064dd3d3c51c8b4381a39e1f6e47cdb9007312241326cf21ee7ae17ca8092af0b51224dec505b89b","ssdeep":"6144:f2xPuRr03i8gOwkBVmwUA5DMHKipfI15yHSoD/QB1oAC/fHPMvcvQ:2+2iROwkKXODMVpfdyq01oAPvcvQ","tlshash":"435423d5aba040128e447be6f9e149477fa247508aac3130bd48741b922fb78d87dc7e","first_seen":"2026-06-15T11:15:43.741323Z","last_seen":"2026-06-17T20:20:10.482971Z","times_seen":7,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"wss://api.vveexhoutai.com/ws3","fqdn":"api.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.763Z","timestamp":1781727583763,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /ws3 HTTP/1.1\r\nHost: api.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://weexairp.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: N58NF5jZMzSnARWajLz2SQ==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 20:19:44 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: WWmOkI6FXwWZe4OUmKSsWueP1Ks=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":208,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T17:09:05.643349Z","times_seen":16553245,"resource_available":true,"data":null}},"time_used":1555,"timings":{"blocked":-1,"dns":523,"connect":688,"send":0,"wait":169,"receive":0,"ssl":175},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/united-kingdom-CamCehN9.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.150Z","timestamp":1781727584150,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/united-kingdom-CamCehN9.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-4c77\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19575,"size_decoded":19299,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"aac0dfefc080856931658ea9c760534e","sha1":"6495d0a202721472461a53b11c79aea953184a7c","sha256":"16d2af8dfe6bff63fd76dc7434e09f1c98de85b1aa8d35ab98b473bae3c1f97d","sha512":"b515165c08b5ce687c5e346d0ccebef61c18479e0cc351d03206c22271093564b9bd5d71bb172f37c2d36c11c74d1f8360878b39dd5e1d5a1e16ca7f99e6f40f","ssdeep":"384:padN/jQnWhc1RHy0kXMsjjGabl8QAQObXTbzR3S0Ay25iW0yIVu9EUaYwu:paXsn/1cTMpaIXT/RCyHH6mw","tlshash":"e592d16a46a7857368484a387c4c41a883e94d0f139f322dffcb69c46b767395577882","first_seen":"2023-04-14T10:28:17Z","last_seen":"2026-06-18T18:46:46.648039Z","times_seen":588,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/coin_icon/XAU.png","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.810Z","timestamp":1781727584810,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/coin_icon/XAU.png HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 20 Jun 2025 17:31:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559afa-1f00f\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":126991,"size_decoded":126845,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"3289f879bb60002fd222f606764c5ac7","sha1":"656dea05a0332e1b0537d62447f63d7a2f7935c1","sha256":"84afd53e3ec02aa8e5e5b616f8a5ee8a13441ea7386ec9d380e1e624e8bae130","sha512":"90e3aa8a000098369d8035f3bda27d0fba4ec3a2e331ad104e81429666110a642bdc5dbbc7bfc130ab385afbca1398a25af18e289b0d6b702ea77882ccd2b4c4","ssdeep":"3072:/pNqlm2Q5Qi2Ez8q4L5uQK5pN2GhVEqCMaXnwjNkb:/CQZMEz8cQ+2GhxaAZkb","tlshash":"27c31293eef9732e8604b313ce34f3266d01eb544105a58e7abf5c09fa64d85a41b72b","first_seen":"2026-06-15T11:15:43.69304Z","last_seen":"2026-06-17T20:20:10.483915Z","times_seen":7,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/bitcoin-Ch5bWVJs.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.819Z","timestamp":1781727584819,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/bitcoin-Ch5bWVJs.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-57ef\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22511,"size_decoded":22492,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"739b23c09110f71caff84f106aca3ef1","sha1":"bdbf10ea1102559324151b99afba18769b7d877f","sha256":"f6eae470e04e65fe815209e27138160d007f34ebd07593a6109293cdcfddf5d4","sha512":"babed2c1da5ad06d6b90409e3250842614dbbbf0894df1c5b2e83c5eb2801c8b4c944220738203f44c79c7bed9a27972ab98322861ce5bc7f4915adaa193bde8","ssdeep":"384:+MMXmtO4Qt30CmCrgl42SxxL5NNp3AnKN8US97d0HszaOwVA2ZafMS:XMUOTyCd0cx7Nj3AnCSxdxaOwVlS","tlshash":"72a2d0bad8aa454fae04b078d58fac63a11203515fd4c35219dfc8a4bb3da8cdd15eca","first_seen":"2026-02-07T02:38:45.604604Z","last_seen":"2026-06-17T20:20:10.484419Z","times_seen":29,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/web-B8CTWZSu.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.432Z","timestamp":1781727583432,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/web-B8CTWZSu.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/assets/index-Dcs7rQkh.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-4dd\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1245,"size_decoded":1130,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1244)","md5":"6ce7718e0c803526eedb03500eedc74d","sha1":"e82d6d846d0f0b67e39aacde854875254fe849be","sha256":"d0cf9997ffb37713e26601ca3cd22a23a28f9f905561189bc934d77b4f6c2691","sha512":"2a722402959217c21789a3404cc5f6aa227dd8a14fcd1503bec941f07c5a703197203160123e8061477b0ce7eb7f518ec2621f16093848a3163fc357b1688b82","ssdeep":"","tlshash":"5821df5023db6b2205cc34d0d0b2513af103b9d47c57907df06da9d11895f45427eeb7","first_seen":"2026-03-28T14:54:57.951326Z","last_seen":"2026-06-17T20:20:10.484879Z","times_seen":8,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/CellSfc-2w4mhYVQ.css","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.749Z","timestamp":1781727583749,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/CellSfc-2w4mhYVQ.css HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-5be\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1470,"size_decoded":1092,"mime_type":"text/css","magic":"ASCII text, with very long lines (1469)","md5":"6c09dca13a8a624b5036aa96f1780137","sha1":"26571a9ea136f6c462fe49361f75f82af45c51db","sha256":"e0154ab8dae966b73ccf94078b61a340d9787fe769147aaecdfcfc3b088fb41d","sha512":"c57dbc094876d854fa3cd1a3af755632f7b4c396c6db82a50f5ecd8bf9214236ead9f33274db84223953c0c143a99e9872fb44b4142698211085ebe0d1f3e365","ssdeep":"","tlshash":"c031d8bdee60c2ade05fba193fe88bacf964ab748c1585657f40401063c27f389d3910","first_seen":"2025-12-13T04:04:45.174789Z","last_seen":"2026-06-17T20:20:10.485449Z","times_seen":67,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.font.im/s/ibmplexsans/v23/zYXGKVElMYYaJe8bpLHnCwDKr932-G7dytD-Dmu1swZSAXcomDVmadSD6llDB6g9.ttf","fqdn":"fonts.gstatic.font.im","domain":"font.im","tld":"im"},"ip":{"addr":"172.105.196.206","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.179Z","timestamp":1781727584179,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"font.im","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 14:55:36 GMT","end":"Tue, 14 Jul 2026 14:55:35 GMT"},"fingerprint":{"sha1":"1F:6F:51:DD:E1:47:9C:1B:E2:CB:B4:2B:76:FE:32:4A:13:3D:EA:79","sha256":"16:B1:39:93:84:F7:4D:C7:AE:27:50:62:32:71:39:E7:38:79:F3:26:81:B4:2D:1A:2C:41:CE:08:95:BA:9B:17"}}},"request":{"raw":"GET /s/ibmplexsans/v23/zYXGKVElMYYaJe8bpLHnCwDKr932-G7dytD-Dmu1swZSAXcomDVmadSD6llDB6g9.ttf HTTP/1.1\r\nHost: fonts.gstatic.font.im\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://weexairp.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.font.im/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Wed, 17 Jun 2026 20:19:45 GMT\r\nContent-Type: font/ttf\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nContent-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\nCross-Origin-Resource-Policy: cross-origin\r\nCross-Origin-Opener-Policy: same-origin; report-to=\"apps-themes\"\r\nReport-To: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\nTiming-Allow-Origin: *\r\nExpires: Thu, 15 Oct 2026 20:19:45 GMT\r\nCache-Control: max-age=10368000\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Cache: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56724,"size_decoded":57524,"mime_type":"font/ttf","magic":"TrueType Font data, 18 tables, 1st \"GDEF\", 14 names, Microsoft, language 0x409","md5":"27ee48861be00807be1bac2522656524","sha1":"ea2c9dc473a4fadaa4dd2a3d604205ce7b167e7b","sha256":"a34be2f218606a8ce3ae258cc651be20cf1c07cb5fb8f13b7b8d89b7f1c5b273","sha512":"6c24c7e1648440e13b5e1b3d9a3bb0ebf927dabce2e54b4825995f725c2ffe86fed8cd33306c966a9b4423068fa605a467f81d772bcb51dbaa2c31e2bff8abf4","ssdeep":"768:2NvdPJn9DkDyKg1Tq56+HNKbmB7+U9WTxkCFYuLHJHVUoS07L:SdttAa1Tq56+HNKq0U9AxTFfV1U7SL","tlshash":"d743280af2031709d10676b8c6b3e7b58b65b4261bfe1b4a6dc515fbcccc14ace66293","first_seen":"2025-06-27T16:30:47.009176Z","last_seen":"2026-06-17T20:20:10.485922Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1929,"timings":{"blocked":0,"dns":278,"connect":255,"send":0,"wait":628,"receive":253,"ssl":515},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/images/32aca1c6e7add86de924a1447eb5e7d6.png","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.682Z","timestamp":1781727584682,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/images/32aca1c6e7add86de924a1447eb5e7d6.png HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 20 Jun 2025 17:29:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559a6e-1fdeb\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":130539,"size_decoded":123852,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"bf65420fe52df4bc773c1c3ef6c24dbf","sha1":"481b216e4941266c9ec31d92c25b79fa308190bf","sha256":"627239b0ee15a7236d13793dbc66300a52e0b609e7c4b1bef03d89d85366e73b","sha512":"2cb3f279dd9421322e97a37393dc7dae48d10ad190942b7f70e5ba8e8f54e25ae010c5fea3a659c3c9e45c3e76f524dd90ff77ceb05a4f37773026b4d1c33fe2","ssdeep":"3072:JfTT0DQQW8TdcXKR7aEQYQ6IEAsnqVEPc8ANN:Jv0kQjRYQaE52EAsnqP5NN","tlshash":"dad3f18c1539c9e62b4f503a594a7b77bf3bc6010ad660f7c8749208d8bce45995fbc2","first_seen":"2026-06-15T11:15:43.691105Z","last_seen":"2026-06-17T20:20:10.486428Z","times_seen":4,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":0,"dns":6,"connect":170,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/ripple-w3Ef2fFk.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.821Z","timestamp":1781727584821,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/ripple-w3Ef2fFk.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-5326\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21286,"size_decoded":21247,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"529430a2e37575aff61eb7bb85b750c5","sha1":"b2889992dabe4cf4a7b993ee7a0f15869f7940a9","sha256":"1c3295743626465623ddc3da8377a7983c26d859f229b5664c1eb496b803f25f","sha512":"a3bdbfc83016cd553effb6795030a5b41cdd452f243fa2b6cf7498531b74fdd33da8f13bfe3b84f687121631d6ffb7953d89913cacf8d9b323f127da4f09507e","ssdeep":"384:+G/jAMCJvIHv2Ix9UfJ8rd8mrLsr9wu080zAKcR0LT605D8e/4Puoj:f4hIHv2IHq8rdlkiQ8ncR0fI+4Puoj","tlshash":"c9a2f1cbadbb5119f816202218a073d306984dfce9dbdc5f19287cc75758e8eecb4864","first_seen":"2025-08-11T22:32:33.056022Z","last_seen":"2026-06-17T20:20:10.486893Z","times_seen":8,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/images/32aca1c6e7add86de924a1447eb5e7d6.png","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:46.025Z","timestamp":1781727586025,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/images/32aca1c6e7add86de924a1447eb5e7d6.png HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:46 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 20 Jun 2025 17:29:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559a6e-1fdeb\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":130539,"size_decoded":123852,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"bf65420fe52df4bc773c1c3ef6c24dbf","sha1":"481b216e4941266c9ec31d92c25b79fa308190bf","sha256":"627239b0ee15a7236d13793dbc66300a52e0b609e7c4b1bef03d89d85366e73b","sha512":"2cb3f279dd9421322e97a37393dc7dae48d10ad190942b7f70e5ba8e8f54e25ae010c5fea3a659c3c9e45c3e76f524dd90ff77ceb05a4f37773026b4d1c33fe2","ssdeep":"3072:JfTT0DQQW8TdcXKR7aEQYQ6IEAsnqVEPc8ANN:Jv0kQjRYQaE52EAsnqP5NN","tlshash":"dad3f18c1539c9e62b4f503a594a7b77bf3bc6010ad660f7c8749208d8bce45995fbc2","first_seen":"2026-06-15T11:15:43.691105Z","last_seen":"2026-06-17T20:20:10.486428Z","times_seen":4,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.vveexhoutai.com/api/app/getNews","fqdn":"api.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.773Z","timestamp":1781727583773,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"OPTIONS /api/app/getNews HTTP/1.1\r\nHost: api.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang\r\nReferer: https://weexairp.com/\r\nOrigin: https://weexairp.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 \r\nserver: nginx\r\ncache-control: no-cache, private\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\naccess-control-allow-origin: https://weexairp.com\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang\r\naccess-control-max-age: 0\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":600,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T17:09:05.643349Z","times_seen":16553245,"resource_available":true,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":170,"send":0,"wait":248,"receive":0,"ssl":175},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/dark-ico-subscription-BpRDNB_N.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.156Z","timestamp":1781727584156,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/dark-ico-subscription-BpRDNB_N.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-4db3\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19891,"size_decoded":20434,"mime_type":"image/png","magic":"PNG image data, 168 x 168, 8-bit/color RGBA, non-interlaced","md5":"127bfb58652ea61484358976059901d7","sha1":"20ae90a4b945973a7a156773bc491e27def43b1b","sha256":"3047ed285c1386b51a1644756346453bca7a117e7c1ce2db1d7f3c26453019cb","sha512":"2fe061098a0dd0a877493e7b61fbe56934443f5bd1ee17013f3ab3a015942d86f9f9f89056c4d8c2aaeaafe77be97f0c9ada6496646db9bb96a9cb7fb677a01e","ssdeep":"384:wBJQ/xzkC7P8frojXMcIf7d/9TvII0THnLXYIfjYK:QCxRopjFlvII0TrXYI7","tlshash":"e192d0d9063a2c765c0b8e31cffb38eecd923457b5ed619816cc8aa16d082ed603471b","first_seen":"2024-08-19T20:58:03.46314Z","last_seen":"2026-06-17T20:20:10.487387Z","times_seen":40,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/MainWrapper-Bk3Q3YSP.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.736Z","timestamp":1781727583736,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/MainWrapper-Bk3Q3YSP.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 30 Mar 2026 03:53:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c9f3bc-3089\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12425,"size_decoded":5338,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (12424)","md5":"1932208b6d27c35960fe51fe824f8681","sha1":"c26205d8d3191df87279ebe5281716dd77d879ba","sha256":"17e8e67d667a6c6ff07c238c6ac0ce1e3d13683b4691549679209620b304fac7","sha512":"e0193a8a58d19aa3a9f95872cbe89bf1dbe51176e7e2c37f930f6692f37cd29e93b3c9152cb68648e5b56b25eb0acea0767f5113cfaebf8b85ff7937a8152028","ssdeep":"384:ElGGJHRxrOIS8RfO7/6EJ6X6D+IzQ13BNIHMJ2CQMtXPk:ElGGJx5OISaS/ZJ6X6aIzQ13BNIs0CQX","tlshash":"83420894b544bb7a537745d1801d8480e2290fcef9d4a1d8b3e7de6c2b868b4235bb2f","first_seen":"2026-06-15T11:15:43.71547Z","last_seen":"2026-06-17T20:20:10.487823Z","times_seen":4,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/dark-fiat-currency-BqVA_XxE.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.155Z","timestamp":1781727584155,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/dark-fiat-currency-BqVA_XxE.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-480d\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18445,"size_decoded":18988,"mime_type":"image/png","magic":"PNG image data, 168 x 168, 8-bit/color RGBA, non-interlaced","md5":"b3f78f9abb6cc06b08c73f5f2bc6b13f","sha1":"5e8481fcedc6235f12220f93557400b4619ffb8f","sha256":"3064749566f703db3203b8d6327c83ea2c37e326ac711326434df05e6544d762","sha512":"aa1b636bc0fc4400dff2be6720e57cd8009e938b66e4f17c499687243633d400658a996dd5df1a2e99f0b0b7ebca3146b58546fd4e219b03f8d826032c6637a0","ssdeep":"384:jsbmLfVvGdNWJ0ODzFtdEYk67KrGaWvHDrAuH+90TNynASRWWceo:6SGvWJJzFAxSpHDMuH+aTNs5W6o","tlshash":"d482d1598ccf0dc55eee0841e2793bc7789315f2c89259ce91b29f9b64e0aefe651d00","first_seen":"2025-01-05T10:02:36.811505Z","last_seen":"2026-06-17T20:20:10.488369Z","times_seen":36,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/MainWrapper-CYENgzle.css","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.741Z","timestamp":1781727583741,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/MainWrapper-CYENgzle.css HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-1eb1\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7857,"size_decoded":2453,"mime_type":"text/css","magic":"ASCII text, with very long lines (7856)","md5":"e626bff79af56246c6f15965e9058549","sha1":"ffc2a17203d394021da2aa9e6e253c7e66c937de","sha256":"6427a8ef161e0c0075c739db281458fff608c90e39a80775c87f22374107872d","sha512":"a16d4878a5d5aa5bb8a2e9e66ef4ba0d7f7dac6d6284e0f81f637e988c159ffe011c8e93a8b7fb72dcb04b68576d14c922106b2d254bc49e037f198783146919","ssdeep":"96:r9eQBNnMdnTNSHwSw7LVefXspZ0hdcmnaAB5rFx699y0NmWFJAtt82JIXC:Hkn7LVQXspZ0hRaABZFxWZ3C","tlshash":"f5f198a2b5b4657e9337e3bb9f4dd29ce126d9f4c89137e473c6132409c1ae92223e05","first_seen":"2026-03-28T14:52:08.300094Z","last_seen":"2026-06-17T20:20:10.488838Z","times_seen":33,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/StarBorder-Dt11GyDv.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.753Z","timestamp":1781727583753,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/StarBorder-Dt11GyDv.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-5a2\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1442,"size_decoded":1337,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1441)","md5":"acd325eb79f1dc956175a4bfd3d73b6e","sha1":"82b461f7d07e5eef061303ce91c3503efb8d1424","sha256":"a7f1fab31e27cc8e12b5567138bfaef6b2d9bb70446ff1e2d91cfe1e49001f47","sha512":"0d07db0d9577e1fc815d3bd9fffe80ba58a5f95d14151ab14cd2581e48b047b21b8719a4d5e0b3e0ff13ed569c770f937d8cec14d368dd09ad7bd3c2b250be39","ssdeep":"","tlshash":"622174cfa81de2bfb7b38adc9431c85122200229757b98c4f0aed60b0650d024f9e719","first_seen":"2026-03-28T14:54:57.96549Z","last_seen":"2026-06-17T20:20:10.489332Z","times_seen":8,"resource_available":true,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/StarBorder-CcXzWHz8.css","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.754Z","timestamp":1781727583754,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/StarBorder-CcXzWHz8.css HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-513\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1299,"size_decoded":1086,"mime_type":"text/css","magic":"ASCII text, with very long lines (1298)","md5":"a25f2317f6f374f54f6d13c24f69aff9","sha1":"e7fa5d2f8e7d847dbb0d5ad96c4daf532e37a1d1","sha256":"71abc862f7afb110aff252efb26c271b3502a8c5eca3d2d9b4833cfe4069cce7","sha512":"929013f04c4789f86ae86bd95c420a5a40781514cdaeece1610cea1f2f8381106f1db2e41ca3e91f35e9754744f087a586da0f0b428bbd714680dad01ed69c9f","ssdeep":"","tlshash":"482103b099048274b833e65a71daaacc5f31d001e4733459f684b51468dbde14c729c8","first_seen":"2026-03-28T14:52:08.329836Z","last_seen":"2026-06-17T20:20:10.489884Z","times_seen":33,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/dark-online-customer-service-DA2CUnCE.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.153Z","timestamp":1781727584153,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/dark-online-customer-service-DA2CUnCE.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-4c86\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19590,"size_decoded":20133,"mime_type":"image/png","magic":"PNG image data, 168 x 168, 8-bit/color RGBA, non-interlaced","md5":"fdfd29b147f3e2fa71bfd7d7110ca1d3","sha1":"3d10c699f03d81f5e5ec0df0d23371a2945ad19d","sha256":"0f5b293bdc976cd56d95ba01870b646d61b59959372cdf6f2e90de02e9b1d84d","sha512":"782e50c620de4f06dfa1fa675015153856c231a218663915ce1db399779716f1333fb8776c1e432662220d683ccf52bf6175fe12e2e10abc163922c5579c349d","ssdeep":"384:1esGYmuPC3VaNrmr1IPRjuBw9ehD03IrXJKJXOY8x1R:1esGYm4KcNntL9yD03E5KFOY83R","tlshash":"c292e1ff53482c06cc51703661b3aeb44e1eb59287d5a1b5bda9824ac77b23b2438d35","first_seen":"2024-08-19T20:58:03.463868Z","last_seen":"2026-06-17T20:20:10.490364Z","times_seen":40,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/trump-BmuR7hFW.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.823Z","timestamp":1781727584823,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/trump-BmuR7hFW.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-1a12\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6674,"size_decoded":7217,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"d39f8768dd431ee4893f97de52f58d61","sha1":"9a66fecf9e5969f93244834f88023f64a76d339d","sha256":"0b2e06d627756ba0f0120cace715ff07200a503148b694ea78f42bfe49d755b4","sha512":"63fbbe292a66d820b5ec8b4a9001d0ff79a25d1fbe37080c5af162312e7c4750804bcc1bb7b82b1c03a247162816da8503b23a85c4bcba6f25230501cc4b3aa4","ssdeep":"192:NQYtj9FSmWzcqc8rZ3ksTBA/tmzWPNGXYmdOG:NQYtj9FSmWz68dksT+/ASNGo7G","tlshash":"99d19f4417d3cbb2da87759b663a002943bc986f46532d47b91f783e2cf2ccd5da0166","first_seen":"2024-06-10T21:23:21Z","last_seen":"2026-06-17T20:20:10.490829Z","times_seen":10,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/swipeItem-feFPpSQr.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.750Z","timestamp":1781727583750,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/swipeItem-feFPpSQr.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-21f2\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8690,"size_decoded":3896,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (8689)","md5":"313e56a32ba70232ef49963a5b2f078b","sha1":"d8dc4706861d71234b993d486ccfa35d83cb0956","sha256":"69ac3e1803e24a198d3e78ac5c70007ea15d5f0604a845687c78fd2d8d8c8492","sha512":"7f380a743d60e6b88c5bf0766368c4575cb023f188813ba3249d583ae8d590e6c564de3c6a9c22705c46dbbf77752d65719f25d51df76719bafe133e07551492","ssdeep":"192:TywIJZnnA2kRuncNp8ak0/w9d1OPMYcKobs3prdDCELfgmZ5mZERhfL4cCr:Ty5Zn/kKcjrBYlOPMYcKobsZr1smjmiQ","tlshash":"3702ca9ab954b83397370061a15908d4633b8bf89420b1e4b157af1b3de5c1c7faf619","first_seen":"2026-03-28T14:54:57.995341Z","last_seen":"2026-06-17T20:20:10.491338Z","times_seen":8,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/coin_icon/XPT.png","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.813Z","timestamp":1781727584813,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/coin_icon/XPT.png HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 20 Jun 2025 17:31:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559afa-2a890\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":174224,"size_decoded":170100,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"42436b45ac828e15b748133d34479c18","sha1":"b4b8e21ad7c2e43f2b21d0d30f7786860e36709b","sha256":"c2643d141099d949329138b8fa1c50f29576cd3a0d7baf97a563796ee23847ab","sha512":"e2eba6110d788657a312d065526896766686bb6ac0440b18b0ade9d0d78d8e415c1fae2266166e65fadb630932745ba623a99adbc4574cbfbc306e7c826e5311","ssdeep":"3072:12bW7qYD07pcme58vDmugX5b9L2cIUTQ42JWRNf4bomq7lb4tZ2ylN:EbW7JDLm08c4RWXfiq7lbuce","tlshash":"0b0423414adb6c4dcb7cfe01ed25ed4875836880c55090268e05fa8af923d999b7ebf3","first_seen":"2026-06-15T11:15:43.73908Z","last_seen":"2026-06-17T20:20:10.491845Z","times_seen":7,"resource_available":false,"data":null}},"time_used":557,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/HeaderLogo.vue_vue_type_script_setup_true_lang-DISO7C1c.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.760Z","timestamp":1781727583760,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/HeaderLogo.vue_vue_type_script_setup_true_lang-DISO7C1c.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 280\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\netag: \"69170322-118\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":280,"size_decoded":799,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"67aa7a95155ed885f483bae2ba706b2c","sha1":"d76d5575f97db2da6cbd153fb726d67c00caa068","sha256":"7d4bac5fa53d12d4035885b45fe436033c066eb93bf0511f815f33b029761ae8","sha512":"cbd01baf752909f2c9f84b8b7418fc267981fa15d03aa8318bf6318388e3bfe7097e92c2e0691fea65f933f0b5e93227b3bd809eab660b900259c007be35c938","ssdeep":"","tlshash":"b6d0eb8e9c9a83fc5234888cb82304012a8c06a93325ccf8ea02cd326ffa044a59c218","first_seen":"2026-03-28T14:54:57.971947Z","last_seen":"2026-06-17T20:20:10.492655Z","times_seen":8,"resource_available":true,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/MarketTabs-Sw_X6iKY.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.744Z","timestamp":1781727583744,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/MarketTabs-Sw_X6iKY.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-81d8\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33240,"size_decoded":24328,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (33239)","md5":"42b36d9794c1e6df2e3bf7371a66a637","sha1":"e2c9b3603e5e53ac8765949e10216eef84912cf9","sha256":"9580f3c91d4f257424d20b50c6d952b86a67909cae3328c2d507fda10d2857a1","sha512":"f980ae51a10a675ee15bda63c24d0c4dc4f27266922060d31433f5538b6f9a449b0f1b0e2d3e29916c3d548a69633164a942a9d4bf88299593ca495db1a65e9f","ssdeep":"768:b5k21Y42haBEuCzQ3ndQB0/O1l0yYWst8LPgGo3:J6GB/3ndQB+gRFstKC","tlshash":"d7e2e1b5824e335ac2fb466ddd8aa3606ce6585bd768602b3cdc11239fcfa10ce46f44","first_seen":"2026-03-28T14:54:57.947273Z","last_seen":"2026-06-17T20:20:10.493262Z","times_seen":8,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/config-Dvz9uSFg.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.746Z","timestamp":1781727583746,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/config-Dvz9uSFg.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 255\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\netag: \"69170322-ff\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":255,"size_decoded":773,"mime_type":"application/javascript","magic":"ASCII text","md5":"7a7f97545ae57588854195ab20135a19","sha1":"1c74eaf20aaeb39d8bcb869481639bb4ee66f4ed","sha256":"dc6d6fcbb7862ddd807adfe7bbf9c7dab48e2441e2fc6c86331f409560b9f008","sha512":"a04346fa29920d08741c03d64977e570cd3e8a2f0509bc853eb2dbbd142181d308062bec186bd1427c27f4411a12bc9042d5ee084b114549e0d64857f5fbe8a8","ssdeep":"","tlshash":"8fd09220f5110379ec0ea7c85601645ac3ccc416a5e49dc5f0b51c072f56f4d68f8f3a","first_seen":"2025-12-13T04:04:45.155858Z","last_seen":"2026-06-17T20:20:10.493724Z","times_seen":59,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/_plugin-vue_export-helper-DlAUqK2U.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.739Z","timestamp":1781727583739,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper-DlAUqK2U.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 91\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\netag: \"69170322-5b\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":608,"mime_type":"application/javascript","magic":"ASCII text","md5":"25e3a5dcaf00fb2b1ba0c8ecea6d2560","sha1":"7850b3fd4aeb69387bdb5a60025d15c41351d5eb","sha256":"cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa","sha512":"2e5cc9b53d5641147f68c73e5db0442d93fb6a64da45cfc051da5550a2fad07e912e651bd730e54325ef74eb706be0c5df612355c1dca144ab6e9cc8c4ecc73b","ssdeep":"","tlshash":"1fb012c81cc3e078939818d47738c15844380448310742b0808c0943e2c20809797c1d","first_seen":"2023-03-08T16:39:49Z","last_seen":"2026-06-19T14:53:42.040129Z","times_seen":22759,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/dark-verify-UIkTxWer.png","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.157Z","timestamp":1781727584157,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/dark-verify-UIkTxWer.png HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-4d60\"\r\nexpires: Fri, 17 Jul 2026 20:19:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19808,"size_decoded":20351,"mime_type":"image/png","magic":"PNG image data, 168 x 168, 8-bit/color RGBA, non-interlaced","md5":"8f3bb328ecf4671382c8a0ab485a6c49","sha1":"9b02481a71026055b1f561c3fccf5fba153c6d5f","sha256":"a89eb9fdacd80b357865487f0b6a5bbbf8351d54d6d9d9a4341a07ef683d5d67","sha512":"c21a7f1e5775506eb2a21a1ee8da76536af5b88ef0ce2965dc790d113eb438431243071ee1a154b83b6f80c0a7376dbe75a4298c219f34693e4a4f268c866593","ssdeep":"384:dev7NcqfyiPCOVv3aGkr2ParLYDwgpCcAXGMXjkiv3JHI8Aa:dY7NByiP9vkYarIocYGeJv3+8d","tlshash":"5e92d0d9f4f6af36fa9dc5a2171b042a2194d5330f1d1ab35eda628aa21b4c40688c37","first_seen":"2024-08-19T20:58:03.473401Z","last_seen":"2026-06-17T20:20:10.494597Z","times_seen":40,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/coin_icon/XPD.png","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.816Z","timestamp":1781727584816,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/coin_icon/XPD.png HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 20 Jun 2025 17:31:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559afa-2cd89\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":183689,"size_decoded":181010,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"adc57c058250516af2555c351b8134d4","sha1":"8c524507412aa8c463fb15d6d3ccd615b9f34819","sha256":"00fcf5e1bea1f8961aa473e8ba9b9e230b7a98ab7fa7cb1ea309fc45295823f6","sha512":"ed71eca3816735035a55ade17c6a840926d574fc5218c5dad1126ce3e942a8f899d9930cdd1d602052b7f341cc10b4bbc425f4f6cebdab1d212583cf5909f391","ssdeep":"3072:KAbG6dIEKJvkNkSu4cu3DZxpu/bjT9modO7RZrsTVZ7WePC65vhYkmss7E6Ivcb:KAVJrku3zZTu/Xpm6EF+VZ79lZh7ms50","tlshash":"c60412093d2b989062e97448eefc540febe73f508df4e0565a92eeb01d148ac8de8707","first_seen":"2026-06-15T11:15:43.684477Z","last_seen":"2026-06-17T20:20:10.495121Z","times_seen":7,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/MarketTabs-BnjJyF9Q.css","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.747Z","timestamp":1781727583747,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/MarketTabs-BnjJyF9Q.css HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: text/css\r\ncontent-length: 94\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\netag: \"69170322-5e\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94,"size_decoded":597,"mime_type":"text/css","magic":"ASCII text","md5":"b645cc83bc2e26340ce87c94ffe6b4f3","sha1":"ec44afba75093736fef08fb6c9e20c035c0556b7","sha256":"b1dd46a18c19ddc8dfbd008999a3935e66cca2d9a565b0d0c66bbc4d4109d48e","sha512":"148a383afbcca6a246bc75a777a1fecd4e9604ed2b2d9048f34aa44ab55bbf43359c8801ac0720ee63b48f3a5b4fdf487adeee05e5d966238d8e0485d2892dd7","ssdeep":"","tlshash":"0fb01260744010efc432714c0d28cffc15807313b09500227fd02c00f400353c834d57","first_seen":"2026-03-28T14:53:09.906774Z","last_seen":"2026-06-17T20:20:10.495633Z","times_seen":16,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/index-Dcs7rQkh.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:41.391Z","timestamp":1781727581391,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/index-Dcs7rQkh.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 30 Mar 2026 03:53:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c9f3bc-1b5287\"\r\nexpires: Thu, 18 Jun 2026 08:19:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1790599,"size_decoded":506243,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48573)","md5":"3dccd91d277fd8ff08ff9e83a70d677b","sha1":"c5555725890b1651a689f73cb6e133cb1190438d","sha256":"e6d3305082d1893d551c9da4b01d66775b3e8e9ccb8899493c57a9f83430e421","sha512":"b639924bad9498cddcedcd2936c5237240f34d1d7c68bd6af903501989e48b690532ec1ab68b1a6e252e11a853b96bdfbd29cb2a7edbcbc3f018378caa195096","ssdeep":"12288:TReKLvCZrSu3rOpc09RvJ/du7QeBsKFvix7BX+ph8hhB2D9vgIpuIsbx2GPXVP:NnLvCZrSu3rOu0nvtdu7RQ223","tlshash":"9935faa5b0cb98a943cbc84064b61191b2588e563649bcf3ccf9dc8bbce1575c2b7f19","first_seen":"2026-06-15T11:15:43.672342Z","last_seen":"2026-06-17T20:20:10.496103Z","times_seen":3,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/loading.gif","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:41.399Z","timestamp":1781727581399,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /loading.gif HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:41 GMT\r\ncontent-type: image/gif\r\nlast-modified: Fri, 14 Nov 2025 10:23:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170320-cff9\"\r\nexpires: Fri, 17 Jul 2026 20:19:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53241,"size_decoded":48072,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 400","md5":"97e23ab316dafad70085144a6c822a48","sha1":"0869aab79b03cca5d47f47cd4d45c8764659b34e","sha256":"1b5dd93a363984bac27654d1a3292cf711a40614e6f9623525ca1851a4298143","sha512":"e3481e1f5d5c410129686831cb37a304110e8f0171e45d93e6906a98d43666c70374a4700e2f71c0a814128e9728e584e67fbeed9b8a5204b9b60d4f1b571022","ssdeep":"768:PSLSAjUxtsF2TCy5yAM5cFs3dKNc0+gBrhaqDAXDCYafJhAzVAcJnPm/ccJGCDAf:nAQtMQyJ5cFu0+gfOX+4AmPmkcJuXP","tlshash":"3933df797168a7bc9a2e46fd048a40ea3cefcc411d6218e30da0f87f624d57c645dc8b","first_seen":"2025-12-13T04:04:45.170156Z","last_seen":"2026-06-17T20:20:10.496544Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/featureNavs-CRJCBRsJ.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.761Z","timestamp":1781727583761,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/featureNavs-CRJCBRsJ.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-1c373\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":115571,"size_decoded":73818,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65510), with no line terminators","md5":"ec1cd050223e167632cf512e972b1d41","sha1":"d6fe5884e55ab44184b15b2a86b7ae526563c1d0","sha256":"441fe9d1fc95cd5bdd2013f79f6758ee9919505867247f02f56a1de609be30fe","sha512":"9a6c75537fb37922e6c3e9184679e64aef45f4e7d6a9f9a7cb95841c51c6c9831e720b45b37368ea91ad3161180c85e5ab5de9795b7ae94f8f398ea3d58584a9","ssdeep":"1536:TC6P/DbzvM1HkFITVw13d4TwLtzVmOgsM/FpOvqQhYhLtrGtzLIrDITDv:W6Xzk1ZSMOvqQBnDv","tlshash":"15b3d07ed7993f7905bcc83af22a3904d8330e29ef85a4b5be9d4211fd7518101a3936","first_seen":"2026-03-28T14:54:57.955688Z","last_seen":"2026-06-17T20:20:10.497404Z","times_seen":8,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/images/d4888434752f19150bf98b3aa4be5708.jpg","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:44.830Z","timestamp":1781727584830,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/images/d4888434752f19150bf98b3aa4be5708.jpg HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 20 Jun 2025 17:29:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559a6e-1ad0c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":109836,"size_decoded":99924,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1406, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2500], baseline, precision 8, 1000x492, components 3","md5":"6041d0fce2920663f0a8d900a055a55e","sha1":"3614dc74d78464bf98acc77944544ad501d2c972","sha256":"e2cd10269bf82e81dff51693e519698320b658a511c03d1af699c16445f6fada","sha512":"a638b409f50a5ead657615e4b3e8336e51a487943bb7dfa1f5fcec602e737577a1d33891eedf3ada6322b34003d7b1541647d8785c754b1c0b01c0b8cf723793","ssdeep":"1536:VP7cu3vw+ySiAM0GdkaXlYgpwlx8sSEQ+R2yYmVeaQ7DyZ5CVsG+agkNH8x8A:VP/fFPitXK6hGx8sw+RImVwX+6U","tlshash":"7eb30205ae20bda2fdca667be221e6532011f48214b6076774fc7d49fba9bc25c6f211","first_seen":"2026-06-15T11:15:43.686132Z","last_seen":"2026-06-17T20:20:10.497994Z","times_seen":9,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/swipeItem-BUF_9N4R.css","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.752Z","timestamp":1781727583752,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/swipeItem-BUF_9N4R.css HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-f10\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3856,"size_decoded":1406,"mime_type":"text/css","magic":"ASCII text, with very long lines (3855)","md5":"6a6eeb66579d717c87f676d1b8f095a5","sha1":"b399bfc1307d295f41d0970fa491db907bf48f73","sha256":"b4a722de10e61ebfb1d95331008451b72e11c6eab0b654bb9ad5b8530b0b033c","sha512":"6b6bea4bc02349eb6f8d082dd944cb2f6b61ec89d7f04a1a67f65a9bca765c07dbfdf7c143e1b389a3f9fceb5121a912dbd49644ef2f904552db7caaff1d7228","ssdeep":"","tlshash":"fa8168f1d6a04425c4335123aace9ad8d53dcde172613ba470d62e1dc6beaf4470fb4a","first_seen":"2026-03-28T14:52:07.681213Z","last_seen":"2026-06-17T20:20:10.498454Z","times_seen":57,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.vveexhoutai.com/api/app/index/logo","fqdn":"api.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.771Z","timestamp":1781727583771,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"OPTIONS /api/app/index/logo HTTP/1.1\r\nHost: api.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang\r\nReferer: https://weexairp.com/\r\nOrigin: https://weexairp.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 \r\nserver: nginx\r\ncache-control: no-cache, private\r\ndate: Wed, 17 Jun 2026 20:19:44 GMT\r\naccess-control-allow-origin: https://weexairp.com\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang\r\naccess-control-max-age: 0\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":600,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T17:09:05.643349Z","times_seen":16553245,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":169,"send":0,"wait":250,"receive":0,"ssl":176},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/HomeView-CzTYVt6n.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.742Z","timestamp":1781727583742,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/HomeView-CzTYVt6n.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-16c8\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5832,"size_decoded":3075,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5673)","md5":"8b1358e4e9426c50da164ae9c1113605","sha1":"92ef2b4d0f9540fe8041df80fb20096ede10bac8","sha256":"c28c4d5d40a2ca825ec24ce073ce92b3a46e8650ff39e586a53733e592158f98","sha512":"d08328cee385a3ba3f2e79d0137fbba708348c123b199cd77295002f6d0803c733f6b3914a3ccd8a075ec56e39e0d4906a9c8d34be81866a7bfa6a1a980528cd","ssdeep":"96:j460mAgm25VjsbEUylLlyStwHZLfRUVPfiteH8SPvPqc6uUUopPHl8WY4qBPnx4j:sSAmjzUylkVG9DNiUUfp+xE","tlshash":"03c1b60d302acbf9e0b75654b462849062b89f9dd170d916b0ff48313ee6ca685ddb7c","first_seen":"2026-03-28T14:54:58.000816Z","last_seen":"2026-06-17T20:20:10.499031Z","times_seen":8,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T20:19:39.722Z","timestamp":1781727579722,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:40 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-c13\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3091,"size_decoded":1830,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"dedd73544342d0b07d749d8e0c3f2f76","sha1":"298be6ceb925343fb6305fd3063a33b32ec3960e","sha256":"4f1fbd1c513f799b330d6d9c4603c525ef2702c01881952f1dc7ce5c1705708f","sha512":"1cb7d91323eb871bb9a8ee6a0f22fe5f2d759eba70307055dc19c9651f8c15f8407b20d759bdb315be3940d2f238402f47fc76f605a8f2c647faa06f530b8373","ssdeep":"","tlshash":"c9519546d4fb80051213d5787ea9f804ae11a11bd70a4e5932ee52e8df8a9f880e77fd","first_seen":"2026-03-28T14:54:57.944687Z","last_seen":"2026-06-17T20:20:10.480205Z","times_seen":8,"resource_available":true,"data":null}},"time_used":1189,"timings":{"blocked":-1,"dns":89,"connect":271,"send":0,"wait":271,"receive":0,"ssl":557},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.font.im/css?family=IBM%20Plex%20Sans:400,500,600\u0026display=swap","fqdn":"fonts.font.im","domain":"font.im","tld":"im"},"ip":{"addr":"172.105.196.206","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:41.388Z","timestamp":1781727581388,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"font.im","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 14:55:36 GMT","end":"Tue, 14 Jul 2026 14:55:35 GMT"},"fingerprint":{"sha1":"1F:6F:51:DD:E1:47:9C:1B:E2:CB:B4:2B:76:FE:32:4A:13:3D:EA:79","sha256":"16:B1:39:93:84:F7:4D:C7:AE:27:50:62:32:71:39:E7:38:79:F3:26:81:B4:2D:1A:2C:41:CE:08:95:BA:9B:17"}}},"request":{"raw":"GET /css?family=IBM%20Plex%20Sans:400,500,600\u0026display=swap HTTP/1.1\r\nHost: fonts.font.im\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Wed, 17 Jun 2026 20:19:42 GMT\r\nContent-Type: text/css; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nTiming-Allow-Origin: *\r\nExpires: Thu, 15 Oct 2026 20:19:42 GMT\r\nCache-Control: max-age=10368000\r\nCross-Origin-Resource-Policy: cross-origin\r\nCross-Origin-Opener-Policy: same-origin-allow-popups\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nVary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding\r\nX-Cache: HIT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":852,"size_decoded":908,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"1c01517ea51a76524b0078d9cc86bfa9","sha1":"98c57c02233a3156c4ce9ac20bf928242bba2c6e","sha256":"e9e3411f4e43bed69cc8baf0f1d664e8856a0814bce61d603acdbc947b609712","sha512":"c9617f2eae296a795034ca6f8e33af87e532ae93b0780d1641b55d1a7b91b520b082133b74c2459d507fb63f95025374d048bbfd4114c506b005bf5cf077a084","ssdeep":"","tlshash":"66016b14802a65b0d6110e8933cfbf699c2c18912896d2ae4bb04d788dbe93b6351f1e","first_seen":"2026-06-15T11:15:43.714422Z","last_seen":"2026-06-17T20:20:10.499566Z","times_seen":8,"resource_available":false,"data":null}},"time_used":976,"timings":{"blocked":-1,"dns":5,"connect":242,"send":0,"wait":242,"receive":0,"ssl":487},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/CellSfc-CCo4Fc3H.js","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.748Z","timestamp":1781727583748,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/CellSfc-CCo4Fc3H.js HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69170322-6eb\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1771,"size_decoded":1334,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1770)","md5":"2981f0d04f011dbae2446322dbca63aa","sha1":"62e78d2fe09673165029525ffe3fcc5c7c17b18f","sha256":"934d792c298c08a3991f42c53091a041ac633621c843274911c3d39a35e60a5a","sha512":"9d5f24544fa1d39ad3ac4fd5fd53c99eddba5ca585bfd53cabd9aee3cf6625efbf6f8e1fb860cd63588fba89d02359e10d7c2b22124ecad3b2f102c1c185803e","ssdeep":"","tlshash":"fa3160683c04877b88a7a085e45c1c08b1f01f4dcc6080c27ff7925eaf156a99bea21c","first_seen":"2026-03-28T14:54:57.95262Z","last_seen":"2026-06-17T20:20:10.500136Z","times_seen":8,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admin.vveexhoutai.com/storage/images/32aca1c6e7add86de924a1447eb5e7d6.png","fqdn":"admin.vveexhoutai.com","domain":"vveexhoutai.com","tld":"com"},"ip":{"addr":"35.94.157.175","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:46.023Z","timestamp":1781727586023,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin.vveexhoutai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:09:06 GMT","end":"Fri, 31 Jul 2026 20:09:05 GMT"},"fingerprint":{"sha1":"A4:A9:EA:CE:C6:C0:D4:11:63:17:BD:C1:5A:30:6A:61:4B:FE:EC:4C","sha256":"0A:87:CE:A5:78:6D:9F:EB:9B:DF:14:DB:2B:0A:AC:88:6C:41:1A:29:A0:99:57:1E:B0:9E:69:F3:84:7A:6A:56"}}},"request":{"raw":"GET /storage/images/32aca1c6e7add86de924a1447eb5e7d6.png HTTP/1.1\r\nHost: admin.vveexhoutai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:46 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 20 Jun 2025 17:29:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68559a6e-1fdeb\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":130539,"size_decoded":123852,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"bf65420fe52df4bc773c1c3ef6c24dbf","sha1":"481b216e4941266c9ec31d92c25b79fa308190bf","sha256":"627239b0ee15a7236d13793dbc66300a52e0b609e7c4b1bef03d89d85366e73b","sha512":"2cb3f279dd9421322e97a37393dc7dae48d10ad190942b7f70e5ba8e8f54e25ae010c5fea3a659c3c9e45c3e76f524dd90ff77ceb05a4f37773026b4d1c33fe2","ssdeep":"3072:JfTT0DQQW8TdcXKR7aEQYQ6IEAsnqVEPc8ANN:Jv0kQjRYQaE52EAsnqP5NN","tlshash":"dad3f18c1539c9e62b4f503a594a7b77bf3bc6010ad660f7c8749208d8bce45995fbc2","first_seen":"2026-06-15T11:15:43.691105Z","last_seen":"2026-06-17T20:20:10.486428Z","times_seen":4,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weexairp.com/assets/ImageSfc-J4LpxiDa.css","fqdn":"weexairp.com","domain":"weexairp.com","tld":"com"},"ip":{"addr":"134.122.200.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://weexairp.com/","date":"2026-06-17T20:19:43.762Z","timestamp":1781727583762,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexkn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 20:12:24 GMT","end":"Fri, 31 Jul 2026 20:12:23 GMT"},"fingerprint":{"sha1":"F1:6D:DD:E9:2C:34:3D:26:7A:3E:78:C5:03:9F:09:A9:1C:22:3C:1E","sha256":"76:E9:27:97:4C:E2:52:30:5F:CE:BB:AC:EC:57:4F:EA:0C:CD:5D:5C:18:81:19:12:F3:EB:71:C3:4F:91:92:3E"}}},"request":{"raw":"GET /assets/ImageSfc-J4LpxiDa.css HTTP/1.1\r\nHost: weexairp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexairp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: text/css\r\ncontent-length: 83\r\nlast-modified: Fri, 14 Nov 2025 10:23:30 GMT\r\netag: \"69170322-53\"\r\nexpires: Thu, 18 Jun 2026 08:19:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83,"size_decoded":586,"mime_type":"text/css","magic":"ASCII text","md5":"c12016b85c820292f1adff7f94496866","sha1":"50f5c2eea0d362c73bd45acc7870f4a184990652","sha256":"57d5eaf0827d2c0fdba97b14ec04028f7b33c3f8e6721496e893064374b86416","sha512":"0c959ea482b073ad64e97955e0aac99d21911cf8481d6d04ab998d7e017171b3d3e17c2599247264c2cd9d0ca414774c9fe70cba20c2179706c868c9c5b3d425","ssdeep":"","tlshash":"bda012b90d24d09a8021c514a4cf4aca4515c50003018744891034200d490042a33050","first_seen":"2026-03-28T14:52:07.706821Z","last_seen":"2026-06-17T20:20:10.500657Z","times_seen":57,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexairp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}