{"report_id":"c6b02d7a-7354-467c-ac27-d9e9c342ca24","version":0,"status":"done","tags":[],"date":"2026-06-17T14:23:46Z","url":{"schema":"http","addr":"aiinvest.vip","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"aiinvest.vip/#/","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"title":"Aiinvest: One-Stop Global Investment Platform | Forex | Commodities | Stocks | Indices | Cryptocurrencies | Gold | Oil","dom":{"size":135599,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (48264)","md5":"b01be9c28f0646acd6e001c6834fd48f","sha1":"e065ba265aad8add43fcb51a1e52417c9aca48fd","sha256":"8a506b7da2fee0fa08a81ce3e715da1fc9de2558ffa54ebd66648324dd16a207","sha512":"08de323b2cad27ff638a163bad6e47c56c1a3348704cda198f61ebc3773208b01e96e0658ff3d6126dc0f78d6a35ae15c719c57329407b5ee61f3822cb62feec","ssdeep":"1536:SUWTxGT5NsbwZ2e12oCeVMHro7pdeipfYXE+VLhP9krbJag4Qsxme:pYxo5NsPe12rL0deipsEyLhAJn4t","tlshash":"06d30924750692fb95abcae4e0507e1965bdf34ec79fcc18e6bd31911fcacb07a121a0","dom_hash":"domhash95f923b6226e9f6e8428199ccdf166e4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"aiinvest.vip","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T14:23:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"aiinvest.vip","ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-18","domain_rank":0,"first_seen":"2026-06-15T14:38:03.29716Z","last_seen":"2026-06-15T14:38:03.29716Z","alert_count":186,"request_count":62,"received_data":7526996,"sent_data":28214,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"webapi.like1688fire.cc","ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-11","domain_rank":0,"first_seen":"2026-03-14T09:23:10.31593Z","last_seen":"2026-06-09T19:00:46.183577Z","alert_count":0,"request_count":9,"received_data":10990,"sent_data":4926,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-02-12T08:38:00.929095Z","last_seen":"2026-06-17T14:23:18.41741Z","alert_count":0,"request_count":11,"received_data":762592,"sent_data":6130,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"vip-cservice.com","ip":{"addr":"172.67.199.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-13","domain_rank":0,"first_seen":"2026-04-15T20:16:59.760558Z","last_seen":"2026-06-17T14:23:18.438915Z","alert_count":0,"request_count":3,"received_data":67636,"sent_data":1390,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"aiinvest.vip/js/dataModify-C6sk-dj3.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","size":635,"data":"","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-06-17T16:21:16.828115Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/loan-zN95c-Hv.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d070fe16ac50264758696eb3228edb21","sha1":"df1ef7c538eb8dd61215a761850744fa9f48733c","sha256":"6d333be3d20bc204664100a0e7ec95081e27a5e2285a98bf23873fb09a169bed","sha512":"23b460e1ddc0cd9980386c3b93d3a57b448b1fcdfc0cd1f3d2fedd5e268aba3265d846b92a9b86a83812d45361c5543d75a7ea6d7826d57989b1c6bf2531a517","ssdeep":"","tlshash":"27f0c8dabd079a7e9135d23930923d02b43b9a31def614702f26d4678b2c4896757941","size":580,"data":"","first_seen":"2026-06-17T14:23:58.003143Z","last_seen":"2026-06-17T14:23:58.003143Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/SetFundForm.vue_vue_type_script_setup_true_lang-B1zQj_P0.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b6c4412e5755cf89f2de950a1d18d6a9","sha1":"45fce7264499509b74d116e98e07437289d5e3b6","sha256":"4edecd9ca2268573eca86301542016084a886b26e2a44427465b32f8513aec58","sha512":"c5fae7798c8e3b77db9a8d0f6f6c91860fea2d9645b4c2c397a3592a5c26255df0a96361436684a847493582a5ce9c6489288c298bd5c1c9959dcc4139b1203e","ssdeep":"","tlshash":"2051330d24b2cfff26c3a238224e6168e0c8bfcfdb309755b66d447226c99f52619a55","size":2673,"data":"","first_seen":"2026-06-17T14:23:58.046351Z","last_seen":"2026-06-17T14:23:58.046351Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/CreateOrderModal-D7uIbsK6.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c27dc9e54a38bfc98bf701ba049c1f94","sha1":"8fa591144d3fa086867e805606a7ddeb17c09861","sha256":"7608044f895a176199085cbe4eda0bf80bb5dc8efffaed76d355128535b7cbcc","sha512":"232cd74ce340777f6483a4825bfae4a2982878a638af8207e9bd5bc210a4ef46c80a2ababf4a0fba20135feb0e4ba260af3157a737a883515628b5a794794736","ssdeep":"384:a5bMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:aBMuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"e272d93c70d0c9be9473d176a2cd68244048bfcfc6625bcef63de66415d9ca16725a2c","size":16272,"data":"","first_seen":"2026-06-17T14:23:58.078459Z","last_seen":"2026-06-17T14:23:58.078459Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/account-C5m7bkuS.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ac1dab4ace9c28928ed1e784e8f300a","sha1":"cf7ac7350d53609d2fb7c21a47654d6ea86e8e75","sha256":"ba537dc4fbc4a7a33c2705f078b2f514f2ae1e59c509d95623788b6a6e584d0e","sha512":"81f371e4a5fcded7805f862316ef07efe62c420c480803c6dc60e808dc995cd6c691c8f9c5a355508e40f8e0ccbd562564eab16542249ff0d3529d77b0283583","ssdeep":"","tlshash":"b411048a8e4e52f7fbb0be1260d02e03c00b6fb5aea24472f06d957351fd445c62db14","size":1104,"data":"","first_seen":"2026-06-17T14:23:58.030404Z","last_seen":"2026-06-17T14:23:58.030404Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_diy_y46faqqj.js?v=1762548374","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"172.67.199.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d22c6b651b32b75a079b1bf27bb6802","sha1":"79270c37cbf8d3eb468e34ac18fb8867f0a79431","sha256":"a0567b165e111b66f2aff7a8eec80feff557afcaba53373c97a1fc6932375b6e","sha512":"8dacd987493a0a6379ceb313f6abfc27726224099b03fbddf2374e53ea687e0f0fd3310f1e572231c0bebafe37bd0eb1fa741726ecdddd6ef4bbb589ae842019","ssdeep":"","tlshash":"1e31ad515e9985771933322a9b3bb22cfb3127071501ae033efd6710af31e89ea65ec5","size":1818,"data":"","first_seen":"2026-05-26T16:34:37.738655Z","last_seen":"2026-06-17T14:23:58.056406Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/Login-BwbDiHFh.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"61212ed5840da8d15397264488f4d0de","sha1":"3becb23ddfe8054a87bc019fddb093795435db70","sha256":"eac6716e8934c8696258a7cb9bb5436b540f6283410e96d6805373b49a181b7d","sha512":"d127adf0e5e949019a38ab06458b04c9888df090750c46718b0b418ca05fd7efa9222e226fe4177aa9e94d3373646c427d4b49dee4625fac7031989e5e1ca5e0","ssdeep":"192:5MTPHgYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUgh:5jYQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"1f32b6c86512abf99bb30825b6047935b4185f99c067c48ef3f84c317bdacb66a24379","size":11563,"data":"","first_seen":"2026-06-17T14:23:58.036669Z","last_seen":"2026-06-17T14:23:58.036669Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-D3EczlsA.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b44bca12ac0c0a9b0f628dae4878efc","sha1":"82adc346d5f5def7a944d5316abd1f279bc02d8b","sha256":"d40fd8b8690ff8dd668b4b9a4249254ba24048d99ce82c18c569adaea0993c3e","sha512":"b5f034b8c46bda7f6b2fbb70f39633199959448cb0b972d589249dd8582f7c0d7bb092797b708802447a93e59871d44f83451276848cb75ff522826e851919be","ssdeep":"","tlshash":"4631320d9473cbfc95a391351b4a2168d2847fdaeb708bccf36c14723aca9b3592d640","size":1510,"data":"","first_seen":"2026-06-17T14:23:58.053568Z","last_seen":"2026-06-17T14:23:58.053568Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/TradeLayout-Dz-ORK-d.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"de4504cbaeebf2cfce6b2b85f9e4d256","sha1":"8ec50f97d8c27f03bf2289c962b969a6ebc80ad1","sha256":"334188116da05b3a162f4b89a5f458042ccc485bcfce6ed9319c8bae54fa3597","sha512":"539b7587e1d76d9f03951d05a2a1df8306a9c7656f6c2b5bc48ae4aff65bd99613bf46be84061a35103765c878825985b2618e46e5c8c6c4606a139552795620","ssdeep":"12288:gifpUPYtI6xc2J46SImhZGoR9pe1m/5sAKg:gSpUPYtI6+2J46SImhZGoR9RDn","tlshash":"4c94e580b162e53993f391b5107a0401e3197f89b40a86adf27dccd73e9ad9971baf34","size":417667,"data":"","first_seen":"2026-06-17T14:23:58.039223Z","last_seen":"2026-06-17T14:23:58.039223Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-CffuAbgj.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9f39a1a9f363be4198afd85042a5c6a","sha1":"19e3db562e9757892263ccc89960f001c45bd74b","sha256":"f38a3937a0db68af00756a6b060ebd0e259c8ef326a776033ad51c656a4e319b","sha512":"c941b6daa9febb7f4b054a8379138d0a1a2a4af73aa92ceac20516e70fce06530bcd6cabccac92db3049d1c6fc320c35d7a42c37e1f04a0dd028ea83d042245e","ssdeep":"6144:Vi9HsAKse+bX6hWtMseNYsxsNekvP61jTXLehPWf5+niXmhS0hHbYYl4UmtsRcXz:sHAse+D6hWtMseNYsGNekvC1jTbehPWp","tlshash":"d96419847252b23a83f305a2543e4405e2257f88b507c4ddf1fc4cdb3e9ae9665abb78","size":336528,"data":"","first_seen":"2026-06-17T14:23:58.067182Z","last_seen":"2026-06-17T14:23:58.067182Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/Register-qKZ793cO.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d3a5611c44fabaa4c0a36b35c4a61958","sha1":"5885c4fa8cc85fd1e39b0f9059fedf076eafe60c","sha256":"594f1d796c17c4b0c06d5320132cf591c14993a875b393d170df83451405653c","sha512":"e26440b91c045e4e5cef107378c915be823b0ed2dc4c1824f58b85a9da959623c0413de340cad5dcecb517f5152f2838c04c4ca62e29bebd21f0c953f3d67582","ssdeep":"384:GZD6uozyk7mm+rwmee5dk5LY5IWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792q:GZDpoek7aF5i5M5tUZ5pyVjnjXYn0D91","tlshash":"0282678cb1519bfaab7b9430f4476930682c4f5fc463c4f6e6e88c35a79ec71a51423a","size":18430,"data":"","first_seen":"2026-06-17T14:23:57.980202Z","last_seen":"2026-06-17T14:23:57.980202Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/filters-GIdr7Qq2.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ef860709803cd6cfcb112417de01d53","sha1":"b9da8b3bb4469c7b735e91a787bfcd7dd8fd7aad","sha256":"83cb6afb4e9c5aababdc674d5a0221a9d9384bd24b4de633c1bdf0d7921e55a4","sha512":"4c6598748bbaea04eff2f8107d3c39214df6c509de7289c989bf4f98fdc8e74d0a0d6c3415e969f9efbadfdbb1cdf29765f8960e8d6e72c4896f9b79ab35cb30","ssdeep":"","tlshash":"00118ba995c6c67b02fb88c8514d418768d87f78b00e4b62bd64f11275a1091f4ba393","size":1046,"data":"","first_seen":"2026-06-17T14:23:58.011955Z","last_seen":"2026-06-17T14:23:58.011955Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8354fa4bf3f7479cf69fa885f2f8dc93","sha1":"f23ee6b4f5b87f92f5398b731d00704835c6050f","sha256":"c50757197d02c19fddd0a861956e27cb43a4f9eb528c68346db0e30d8b663078","sha512":"d35adec39f522f7f51dac4a34978faafe525dfd20e66ffa3a96e11367f5539b84331e64a18e3fcd892aa87b7ef15419114129d641fb9c5ca7fe65b47db09ce47","ssdeep":"","tlshash":"d0f0e21a52b850b4116bf33d734feb81363200c360485f513d1c5f840f6043846a1b96","size":506,"data":"","first_seen":"2026-06-09T19:00:53.79549Z","last_seen":"2026-06-17T16:21:16.891531Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/Calculation.vue_vue_type_script_setup_true_lang-CW3nJquB.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"af8d87c491ae93f637a6ddb39f9544d1","sha1":"d71f1545a359097bd962d45ce20e637f530f0e49","sha256":"6fe3d0b56c9c1b30f0f888bad6fde66b517933d8ee4f5a94111b27bd07b4728d","sha512":"44b37c94f12c93a4c3297d77876511f9800eb782914af6f7470b6a4ef7c6327c2e081bde579f3ed2fb8cdad7aa22ccf3ec26dbf62cf6989b3b60bdec0d5d4a74","ssdeep":"384:dxSYvpyMTG1CmxcgKJcwV1e2cICuan1B2kLgpkDqaBoiA6mJWM5boWBuuD8daLHc:nScQYfK2cian/2ogpQqaBol6mbboyuu4","tlshash":"3092a649b152db3ddbb354f5605e1014e008bfcad426c497a1be09933aeeeb11a6927c","size":20465,"data":"","first_seen":"2026-06-17T14:23:58.022536Z","last_seen":"2026-06-17T14:23:58.022536Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/CookieConsent-CqBG65NL.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4efdcd8e97288e9b34f819ba626fe9e","sha1":"eda6bb2347dede47f5ec90d07607a186eaaa0bbc","sha256":"598e45fe534ed8751c595a6ad146156c720c66d51136ff358639df794ae7df24","sha512":"30aa94973e32aac421d60c83ad014e937e8251951bca94d6876001b2519a773f12d2fb88914702b69b0eeae860afd2bf3d1b92edaef5bb5919c93edcab1328b6","ssdeep":"768:br5jgT5ISSBGZo4mrwrS0yIpdmjriD0PbnPex4:KeVsmrwbpdeioX","tlshash":"f1e25c05e806eeb9d7f31634744a7168a4387fd9c25ac479a3bd85232bc9f728763314","size":32677,"data":"","first_seen":"2026-06-17T14:23:57.985863Z","last_seen":"2026-06-17T14:23:57.985863Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-CQOF2Sqv.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d3468c116ed5c4fc383fb12722fa832c","sha1":"efbb34e5a739cab8bbe5d9b2a4589bcdc0c17b7f","sha256":"849c740a7dfdb8f1253d54b32dc3ac54234743ae6c826aee8fb21dc9764d25b6","sha512":"d36d761f3ec0ce2cfebbac894e996c35415770683363263dfe30d8783d6c270debcb571adeefaa900181e60d0ff3b133502f9470b2d3412628d30be3203d0702","ssdeep":"","tlshash":"2561c5dd78b7f024877148ee507f0636e23a37592408d0e4e01fcd8a3931d6ab2a7e29","size":3235,"data":"","first_seen":"2026-06-17T14:23:58.027816Z","last_seen":"2026-06-17T14:23:58.027816Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-KLzjwogF.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4540662d6e546b4f9353d0a3f9007946","sha1":"bea5ba321a16853219437cb738d28a5b511c5f23","sha256":"807e7449eef34b97de792092e35387278e00d51af043d284fda6b08c9a777cbe","sha512":"bd1002895d0f976ac9e3ffc9393975b97320291cf55e0538dd193f8acd901c744d3ea74785209462a2c75801e77e165aee6bfb48017959afb7102ec8a2dc5cab","ssdeep":"768:2F40rUC3AsTTEHfjiJo1DHpIh9RzpsSWGhC19pLln0X3fcUgkKq93:p0rUmAiGs+19pGn","tlshash":"5923832cb012cfbe9653193162ad2994e1497feec616c80af1bd18233bc2ff05e56765","size":47697,"data":"","first_seen":"2026-06-17T14:23:58.06087Z","last_seen":"2026-06-17T14:23:58.06087Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-yBDcZlz1.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"08599a9ae5800fc3a9372669e2608495","sha1":"c5cbcf2d4f409694f6865e63d7801345087b48b5","sha256":"3252326aafee55c18cc34b50b92667fafaf47997daa4296e0b991b9633455992","sha512":"eed01a4b452cf9d3a61e30a5d58303914212af70ebb7110807a5c578ebcdc47c9d15b2c5e9153c829b0875f90f38fa574f1691b32807a95f885bdad5a780418c","ssdeep":"49152:v0ttEDk+tnHLtb9NJdWgnPnjjejTWlVPtBMjWOUK8:c4H3x","tlshash":"2e958e8c7686f06406f382e560eb1105f2786d45f446c0a4f9fc89ab26e5e9de277f38","size":1932970,"data":"","first_seen":"2026-06-17T14:23:58.081382Z","last_seen":"2026-06-17T14:23:58.081382Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/cssCalculate-VX7BHKki.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce1a07f3d01ae4d3c15e0cc917158e4b","sha1":"72e2d8f92457931b3d813da969a71e786145dbf2","sha256":"128b5f4b42990b1b3f0ce0bad5af90e879b0941179991f2cac53531df662242d","sha512":"39bd9ec377569325f9d9ba3e34df028217f8a162adc827f8f86b06ed40fb228105cb5f94e6a2f4dd8e5bb22128062e38570a84984e777c219bf8b087ff185b78","ssdeep":"","tlshash":"68018ef8a5c1def79b4b563b0e6c492c718c5680ea1f82c2d72ca0207b402ecb132590","size":794,"data":"","first_seen":"2026-04-28T09:02:56.142354Z","last_seen":"2026-06-17T16:21:16.861954Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/Footer-7FpDbt8J.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"53f2bd917ef1d01ae5051f8268fa0ad9","sha1":"f807e7d612a7cdda473fc317ad6422236af1fa58","sha256":"83c100e7efc014b22b63284418a2d3ef5af57d7f3ebbe083991b66686467096a","sha512":"2af4aafd1ec582b54eac50b8981bbb47619f1e1f6fb41059a314e851ebed45a8122f22b12a979d1a2fca86c7e39030f4db700fef1bef9026bbb58d2772e5ba38","ssdeep":"192:vMvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:0vvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"9f321904797789f9c6b784b5b8415510f238bfeee56bc85ab3fd890a17ced390a06260","size":11427,"data":"","first_seen":"2026-06-17T14:23:58.048244Z","last_seen":"2026-06-17T14:23:58.048244Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-r4PLYnzF.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c9f07a274ed6906cbdac1708e28b0bf","sha1":"899dfa69faf7e4f11727207bad0c26ddf29d6985","sha256":"bb6356137ac18b972ecd31c0b3cf11a62116c89d5ef23346ada37f3a3e3aef13","sha512":"68fdd257a935b6596df5fa9105174b4e7f9ad87d2b786a70f5fc02d2682b17d0e7bf9dc716135e58a3cf6c943480d579459c2ff0c6c481a03b07e64004d63c95","ssdeep":"1536:R9R8Wx5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:TRt5jTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"02048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","size":173125,"data":"","first_seen":"2026-06-17T14:23:57.98482Z","last_seen":"2026-06-17T14:23:57.98482Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/PdfViewer-DHy--jmh.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e797f014db155f27f42567ed7d74a20","sha1":"9485dc6cb3979542d2f09ef07824909578f58f76","sha256":"d034611ad4ddb0b5388cd934bd9bf45743dcf201bac2a1a331843b1d680b6204","sha512":"9a855efdcad2548e8a09390209cc6d12bd40b7eb015d560398790adaba1321dc656d4a9345e29f3179fefc38601c97959c26afef71e6275f6649e12afc62c2af","ssdeep":"24576:CkpMfCJkPXXq8RqbOt7aFMz3FuEoYlOsp8yDpm0gLsC7Xl5:CkpMfCKPXXq8QCFR+l5","tlshash":"faa5a072634372e96b79468671b91609437f154d34f3a1c8ed8e2edac52ad2b237c23c","size":2202810,"data":"","first_seen":"2026-06-17T14:23:58.082916Z","last_seen":"2026-06-17T14:23:58.082916Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_core.js?v=1781706203372","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"172.67.199.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","size":17618,"data":"","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-06-17T15:47:22.949985Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/login-bg-CtTnvaIr.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","size":91,"data":"","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-06-17T14:23:58.077161Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/ArticleViewer-BZLfb3nb.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"86294adc21c643c1dfae3093d9590b66","sha1":"138b59c408f9f36e438862d8b2eb710054d023f7","sha256":"946708e04b78dea11ffc0fbbb8a8b46f63316293204d64f419f53d57bacdb20a","sha512":"0ec78d05b1b008cb99ef375afea45128a1690b2040c47c9ec7b317f4ce0b3867a36384b81e36df8c257d8e631c5d44c87d320746128bc3d7bebc2d3c67913fcb","ssdeep":"","tlshash":"4c41949c2076cfb896f38335b58ed6545004bbcad7118a89727e583a3fc0eb07a5c304","size":2403,"data":"","first_seen":"2026-06-17T14:23:58.041772Z","last_seen":"2026-06-17T14:23:58.041772Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"aiinvest.vip/assets/crypto3-Bi713gOj.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.717Z","timestamp":1781706203717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/crypto3-Bi713gOj.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-b011\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X5qLpgyFKXpz9%2FqajinLKIwVhZPCxKgUYDRK5WEYu3SZZpfIkNa1G5gI%2BDYtmOkAIl%2BUjIcltElN6XBi6u%2BH7zvCBW2t0eZX6IIZgchMPX61V4lzL%2FD1wSsdydWTRNQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d3a4a32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45073,"size_decoded":45875,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"7401918092026d21dd7dabc67295ef49","sha1":"53db5a70917874eaeed05b2e893bc51c3333fb5c","sha256":"5614ba3ba38256cc9cd354af165e23840713bd66181a33aa47b5746910dc45ae","sha512":"4875d2e3900f88a580d44720a02e6e934421dad709765ea34858f5a611c080febbe525fa52ee4f9d32fcb0a6e07bcd3e4243b43dfa2a737ca3f7659319bdb3a9","ssdeep":"768:lCCSfM5x3ifgWTfcVXTIae3k4NrUnRsK3rFh9WhT0v7zIf+B2ow:1SfM5kf/0VXle0OUnyK3gTPow","tlshash":"aa13021e41a4b5b23e0fbf571c29db00d3a7e7d58613da17c9d6855846050da31acefc","first_seen":"2025-08-26T17:46:37.219207Z","last_seen":"2026-06-17T16:21:16.884998Z","times_seen":96,"resource_available":false,"data":null}},"time_used":877,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":704,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.like1688fire.cc/api/common/getWhitePaperSetting","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.724Z","timestamp":1781706203724,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"POST /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nlanguage: en\r\nlang: en\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://aiinvest.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qsXDRfW8JdR63NNJAtNIo9bxmmvQfXP6kaPK6hcz7PGVJVxwgGVZkgblxRILnbqLRafeg0xWtM3oiHYpoUBn6cTb6CqUNTw9PkbyWvCjOUTlUrmjveoPyK4ug1Z3SoV1aY6mNAY82EiI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63ebbdd56a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":155,"size_decoded":1028,"mime_type":"application/json","magic":"JSON text data","md5":"04701350609f032d523577b062edaf69","sha1":"0ae57b21f7d2632de9a7ed9c4644c6b7b7df5669","sha256":"485b7644c151cd84868cc773a8d00d3646f517dd24a145c5de16d4e5e09f783d","sha512":"cc8e94e89205408b62d2c3ae69d0f239a178b7938cdb85bca5734f626f996393cd48c813295dc126c87e81f76e65cb000d77f4a9b9e2c2025acf16fbeaa2e5e1","ssdeep":"","tlshash":"8dc08c376a8cc07188a2a6ce613a5b09b4e538aa171051809c549e88e818abaea0d4cc","first_seen":"2026-03-14T09:22:23.915213Z","last_seen":"2026-06-17T14:23:57.969055Z","times_seen":6,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/CreateOrderModal-De4MFw1c.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.865Z","timestamp":1781706206865,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /assets/CreateOrderModal-De4MFw1c.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/cssCalculate-VX7BHKki.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.701Z","timestamp":1781706200701,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/cssCalculate-VX7BHKki.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: application/javascript\r\npriority: u=1,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BBz7F21bzcZQSa%2F9mQTuoZ%2FclHK%2BLarIjMZNLS9L5dF%2BsM1L51yeQ1U0KOt3VHeVxntT86yXtYKxgnIw4xQU8BDwH7v81cRGhP3%2F5mXM%2FgmWEniFH1Lj0mnDFJ5hQEE%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a313a19-31a\"\r\ncf-ray: a0d2b62a6ea932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":794,"size_decoded":1106,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (793)","md5":"ce1a07f3d01ae4d3c15e0cc917158e4b","sha1":"72e2d8f92457931b3d813da969a71e786145dbf2","sha256":"128b5f4b42990b1b3f0ce0bad5af90e879b0941179991f2cac53531df662242d","sha512":"39bd9ec377569325f9d9ba3e34df028217f8a162adc827f8f86b06ed40fb228105cb5f94e6a2f4dd8e5bb22128062e38570a84984e777c219bf8b087ff185b78","ssdeep":"","tlshash":"68018ef8a5c1def79b4b563b0e6c492c718c5680ea1f82c2d72ca0207b402ecb132590","first_seen":"2026-04-28T09:02:56.142354Z","last_seen":"2026-06-17T16:21:16.861954Z","times_seen":33,"resource_available":true,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/PdfViewer-DHy--jmh.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.712Z","timestamp":1781706200712,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/PdfViewer-DHy--jmh.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:22 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-219cba\"\r\nexpires: Thu, 18 Jun 2026 02:23:22 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XG5LPpFmhycYCDbXPpjKPwec5RNi3ZFgq1f28lk0qsoS9eo5g42m%2FqQ6ZLcryYHHI5e%2Fpk83Em2TyUVZTZb%2F1WmJS2k1uUp1zIa9TN2ZAZGexPklybcj3XeKeSaJ4ZY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a7eb532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2202810,"size_decoded":809930,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"60b14e190250b589aa09bca716186e37","sha1":"380a2d3ec34bdce17c2fb29d32bb0de0f4361bf0","sha256":"adb27e9419f6404327c2ab3ae1dd3e4c863d65aad02987c8a85d5ad729659815","sha512":"0fa0eab6f4da6adc3864fef832ce4d002147b10e68238254c29c846f2faa548988f4f7ae0a87f3448b0d014ac8e40bb11791043aeff3f0c6a0e07aef5f613186","ssdeep":"12288:CZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbV:CkpMfCJkPXXq8RqbOt7aFMz8","tlshash":"ef258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-06-17T14:23:57.975394Z","last_seen":"2026-06-17T14:23:57.975394Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2708,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1770,"receive":938,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.043080b4dc709421a87781c67f84f316b.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:22.153Z","timestamp":1781706202153,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.043080b4dc709421a87781c67f84f316b.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:23 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 140059\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDBAB4B8133375C69F0\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST\r\nAccess-Control-Max-Age: 0\r\nAccept-Ranges: bytes\r\nETag: \"5DFFF9593B60761C2D121460ACFF9B10\"\r\nLast-Modified: Wed, 17 Sep 2025 05:18:41 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8499191405705657414\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Xf/5WTtgdhwtEhRgrP+bEA==\r\nx-oss-server-time: 12\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":140059,"size_decoded":140736,"mime_type":"image/jpeg","magic":"PNG image data, 451 x 451, 8-bit/color RGBA, non-interlaced","md5":"5dfff9593b60761c2d121460acff9b10","sha1":"2158f616eb05feb49ed99e8218db0f7791da38bb","sha256":"572982c291b9b7085aa08abcfee0cdda058d11d70123fe12211ae91a544b17fc","sha512":"33afdab60be985b15955334ca44a4b0ed3813c5611020d11a7c65bf91513fb5fed2f86127641bd04f35887ae376e348c12cb703dc8f5e00ca09f249de54af6d7","ssdeep":"3072:fSMBh9i++jqapKsgfYc/P+1SQ+x8I6mR92lx8v4fD321TpFdC:aMpyqaptc/SSQfK2l7LGfW","tlshash":"bed312e6e3c54eb513db32236a86c8b4822f14002bbd7545f616d6dfe0c81adad4d3e9","first_seen":"2026-03-14T09:22:23.981896Z","last_seen":"2026-06-17T14:23:57.977071Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1911,"timings":{"blocked":0,"dns":4,"connect":270,"send":0,"wait":287,"receive":538,"ssl":813},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/platform/likefire/touch-icon.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.054Z","timestamp":1781706203054,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /platform/likefire/touch-icon.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:56:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a01-127b\"\r\nexpires: Fri, 17 Jul 2026 14:23:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=6,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HT6%2BMMegBcVHD6A7nPXQgK80od3KPaiqggNzLz8LK2g5Zf9QhfBlXAPSoIlQF5hGiA9ScYFMw1Srs6Xa0KVaeHVMzCGpyo0dLp5U5tb%2BBjvrRKzHI8i15Yy3tv0LJvI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b639197f32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4731,"size_decoded":5386,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3","md5":"461335a380110ba8b1acc2e42c216097","sha1":"4b8f7bd68da9540db942fa962b83c7a658cfcc11","sha256":"d1e58047a7d8f0b6a515a749deb30acf8c2880d204dbd0d9f54294bc5ddcacce","sha512":"88ab27ff80ae287cec4c340547c70b791e5cdcca21d70853c54ccf1257c6213b19b67c164b9057785c16d510486be4d1144477b4bf699a65a5ccab1c6d76cf39","ssdeep":"96:VuCJz2bqIoBPlwWhBIINJxdMBMUXYkKE/Qa4wLV4i+OpOA5xMqaa:II2e7DBIINJxdMB1PK4QaRLV4WYA5Laa","tlshash":"dea15c4e6ea7a406dd170c3e01bd76b8979c9d3bac591101316dbe28d6d10b87c43ae5","first_seen":"2026-03-14T09:22:23.978733Z","last_seen":"2026-06-17T14:23:57.977961Z","times_seen":4,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/Register-qKZ793cO.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.843Z","timestamp":1781706206843,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/Register-qKZ793cO.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-47fe\"\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T7Gvh1gjIqUKldQrzzc4zVx5O9Iu4ix7SmyNiP36nDaDSog1wI3vAYiB1ybb%2BeyvMbxUnAN5Y7F2U4lLnAjPEZWnATJSD1q5%2B2%2FfS2j8L6WPOHlkyLc6nioUcUsybes%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650cf0a32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18430,"size_decoded":5524,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18424)","md5":"d3a5611c44fabaa4c0a36b35c4a61958","sha1":"5885c4fa8cc85fd1e39b0f9059fedf076eafe60c","sha256":"594f1d796c17c4b0c06d5320132cf591c14993a875b393d170df83451405653c","sha512":"e26440b91c045e4e5cef107378c915be823b0ed2dc4c1824f58b85a9da959623c0413de340cad5dcecb517f5152f2838c04c4ca62e29bebd21f0c953f3d67582","ssdeep":"384:GZD6uozyk7mm+rwmee5dk5LY5IWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792q:GZDpoek7aF5i5M5tUZ5pyVjnjXYn0D91","tlshash":"0282678cb1519bfaab7b9430f4476930682c4f5fc463c4f6e6e88c35a79ec71a51423a","first_seen":"2026-06-17T14:23:57.980202Z","last_seen":"2026-06-17T14:23:57.980202Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/TradeLayout-jjwLLC2D.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.853Z","timestamp":1781706206853,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/TradeLayout-jjwLLC2D.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-dfd\"\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2WVIlSvEwYXsOoVp%2FxQ8mz26yovSKfFrSczkdHmphGrHKnfHUC6B85u%2FzNsExKUYW9z55XnTIqBhyVTyO9d5NBJC8uBv%2FL43LLJrNbclPPT6e8itLVI2hIOKLvIqAsM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650df1032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3581,"size_decoded":1889,"mime_type":"text/css","magic":"ASCII text, with very long lines (3580)","md5":"7fd45eb38d588c661a49f4ae25e54d6f","sha1":"06bdcdfa25a1af224368c48160c1a8eefe3e2b44","sha256":"d1d3a3e754d8568ab0db4654857e1154ca5df7801e7096babdda11ec84736ae7","sha512":"fb8a6ce2a52031bd94b72eb7959ac8d8f596ee1d3ca91f3b94499be97376e44a298d6281df434a021fa43c5e7a8dcf0d37d2daca75adf6b0329915d7d54cc6fd","ssdeep":"","tlshash":"777152a9b11820a862b3e95195d442ae110de343f67709dab301bafc8fc37f92b76185","first_seen":"2026-06-09T19:00:53.765829Z","last_seen":"2026-06-17T14:23:57.981761Z","times_seen":6,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":554,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.like1688fire.cc/api/common/getCoinContractList","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:21.783Z","timestamp":1781706201783,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"OPTIONS /api/common/getCoinContractList HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://aiinvest.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BD3qrv%2FuZJh17hb3%2F2R8keV2ZMlNpcNLuAAXjTcNF%2ByCZ%2FmNOK%2Bj5MZR07yQQA3NRIhi%2Bb%2FEdxjIRULNoRqqHFFpslGsQPbAJ%2Br8y1fUJsAmwzKsAep33%2FsF9vtUHcSZAd3el9j3yLR5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b6312b0256a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":937,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T14:23:17.115Z","timestamp":1781706197115,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:18 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X%2B6khWGXlp8wJG3P6z0%2FTYis0ac55vFAHaxgY88SyHK91KhXOxdVTBjrhMsBSsRqq91SqtWwF%2B6V3%2Bc1R%2FrWsoSol%2Fry3M47Wm9%2BLL%2BX2c2HzCIIh6je4WK4HlwCsGY%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\ncf-ray: a0d2b6143a6932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3701,"size_decoded":2146,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"4e6a79d9ed46db644409a4dea48002c5","sha1":"9dbe65bbd9b416e41bc447dc2630b5089c64cc29","sha256":"2f88f567222fac7a3b982c7a444f3a8ac30f5131b4d70cedcc5cb181ef3b1ab7","sha512":"83c834824e0111b85bd31fbb3372f10256394e861ef84e6ca8d2620e6f8560c25f51b167e662ca54bd8becf3555b9951d6e422b8cdf7ccedc3f15ee962e40cba","ssdeep":"","tlshash":"5c71412786b8dc5513a1a33ebfeab2458a325483860d196c744c29dd8fd1fa086e37f1","first_seen":"2026-06-17T14:23:57.982656Z","last_seen":"2026-06-17T14:23:57.982656Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1200,"timings":{"blocked":-1,"dns":23,"connect":17,"send":0,"wait":1160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Footer-kqO8xzJ8.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.715Z","timestamp":1781706200715,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Footer-kqO8xzJ8.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:20 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 18 Jun 2026 02:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DTUg2HpY643r9GcebEVmAuHO9pl5KS9hpf0lpqdUbgt7Tk2IcphfVBYJ2nVeCY%2F8EbG38bN9Ga6B9UVWG0Wf9OB%2BGd8x%2FdHeuFXZP8j6W9g1NatVkFV3On98vF0WOZ8%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a313a19-60\"\r\ncf-ray: a0d2b62a7eb732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96,"size_decoded":856,"mime_type":"text/css","magic":"ASCII text","md5":"f2d8db841ee2cccba46a4846bb383b9b","sha1":"21ec1dc977ba6ee4b0fe0a042add8ff45f05ce42","sha256":"8b180be1698077bebaaf6beb91aa095652e82bdb700bb511b126055be7e155ed","sha512":"746edcc3f53af777995441974d93a876940ffe4fec86613f9f14d3801a2f9e7d0811f7d9ed5ecc3fb6525ae957665a71e779b3b391dd0435daad7586389ee8e4","ssdeep":"","tlshash":"69b0127030ef5567744f62b93015a2308159c106d3051e0c353c62fe39d20001157296","first_seen":"2025-10-10T02:51:18.076622Z","last_seen":"2026-06-17T16:21:16.880889Z","times_seen":77,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/crypto-CzKJroU0.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.715Z","timestamp":1781706203715,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/crypto-CzKJroU0.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-9b3a\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6s44WwT0veC5gQcjdU6DeSnbrIYIeO7hieyNQoWZepYNF6alp5t6LL3WqDz7MLQAeXbqI%2BjkAAMRc%2FxOJv9fLsBggHiMagtJgia34i5tVlyQF3%2Ft91okD6Dz1gL3lrs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d3a4632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39738,"size_decoded":40223,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d96f714646b573194b60928d259b4aa2","sha1":"6094806144be7f313efb1d6ce0394e2e1c916e8c","sha256":"f9dad38264fde116c4af1ca31c4f4e5853c22ff612c5aa1356fa788030fd3e56","sha512":"5bc291929ae2da85c57678debf71e608ef311660ff9030eeba1f254470ee822bbcf6347054399e30a4dda40829222cd69314bd0b87236c34fce12b36325bf234","ssdeep":"768:/uuO/MIYxLYmYAaEJCQgwW6scjj+189Qlf3AqpNabUesRt+HPi0:/ZO/MIYxLYfZEFgwRZvY8K5hpM60","tlshash":"2403f273f51364e85cb0e3ddbc8a7299647e91361ba148508411788f563cdb43fb64b9","first_seen":"2025-08-26T17:46:37.250301Z","last_seen":"2026-06-17T16:21:16.885732Z","times_seen":96,"resource_available":false,"data":null}},"time_used":889,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":713,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-r4PLYnzF.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.698Z","timestamp":1781706200698,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/index-r4PLYnzF.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-2a445\"\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3mClT7v%2BqRP2UhvUTxhd5zH1hXHJd7BYtkOUdlJUhM0WvMrNmBmfHaIggP5mIUF5jXTEjOFzu7LcPnKnloUCJBsF0kjlceEQERdIEIrnXhEiPH8y5UaeE8XTMuqtCLI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a5ea532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173125,"size_decoded":83195,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"5c9f07a274ed6906cbdac1708e28b0bf","sha1":"899dfa69faf7e4f11727207bad0c26ddf29d6985","sha256":"bb6356137ac18b972ecd31c0b3cf11a62116c89d5ef23346ada37f3a3e3aef13","sha512":"68fdd257a935b6596df5fa9105174b4e7f9ad87d2b786a70f5fc02d2682b17d0e7bf9dc716135e58a3cf6c943480d579459c2ff0c6c481a03b07e64004d63c95","ssdeep":"1536:R9R8Wx5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:TRt5jTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"02048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-06-17T14:23:57.98482Z","last_seen":"2026-06-17T14:23:57.98482Z","times_seen":1,"resource_available":true,"data":null}},"time_used":899,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":720,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/CookieConsent-CqBG65NL.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.705Z","timestamp":1781706200705,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/CookieConsent-CqBG65NL.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:22 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-7fa5\"\r\nexpires: Thu, 18 Jun 2026 02:23:22 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sRIQpASlqKOKj7l6ukwwsz%2BSS%2Bl4O9lxDgwF1Z1%2Bx8MmHBLzqcXulkwupP%2F4sIrbbSAS3pRuOi72msbQrKjjTI0pulZA7eacO5M829Q8XNPKmz76ikFTb9spr5pZ1l0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a6eaf32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32677,"size_decoded":19447,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28844)","md5":"e4efdcd8e97288e9b34f819ba626fe9e","sha1":"eda6bb2347dede47f5ec90d07607a186eaaa0bbc","sha256":"598e45fe534ed8751c595a6ad146156c720c66d51136ff358639df794ae7df24","sha512":"30aa94973e32aac421d60c83ad014e937e8251951bca94d6876001b2519a773f12d2fb88914702b69b0eeae860afd2bf3d1b92edaef5bb5919c93edcab1328b6","ssdeep":"768:br5jgT5ISSBGZo4mrwrS0yIpdmjriD0PbnPex4:KeVsmrwbpdeioX","tlshash":"f1e25c05e806eeb9d7f31634744a7168a4387fd9c25ac479a3bd85232bc9f728763314","first_seen":"2026-06-17T14:23:57.985863Z","last_seen":"2026-06-17T14:23:57.985863Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1811,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1811,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.03c86672fe44c45f0849a5128322a881b.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.693Z","timestamp":1781706203693,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.03c86672fe44c45f0849a5128322a881b.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 71220\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDCC390C332380E0420\r\nAccept-Ranges: bytes\r\nETag: \"965B88CFD1D98B7610163538DD559E76\"\r\nLast-Modified: Sun, 06 Jul 2025 03:55:47 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15215870947680958813\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: lluIz9HZi3YQFjU43VWedg==\r\nx-oss-server-time: 52\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":71220,"size_decoded":71797,"mime_type":"image/png","magic":"PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced","md5":"965b88cfd1d98b7610163538dd559e76","sha1":"5a8fdf43d0070226302f8fd97f418e9f96fce27e","sha256":"cb4fd99fe8c6a07277203941e1f12cf17fc7475189bf3c564c61d4c89b91ece7","sha512":"f38cff9f916c8a333e35fdedfa1cefaee566e314bb33b9c6bf7ceeec0d34f7c9545299c0bd6d19ad890bf37af1a90d45ae304189d0cc49ffc7d18d1d5c17d711","ssdeep":"1536:4AtzwDcY1uBuLS02/BTra9n+IxTD3p6+FVRXl3fdhHH24bWN4LvX2:4EwDv1ukLf2/09/h6aLdhHH1PvX2","tlshash":"e9630205378c473db717ff70a981205ae97e388cbf068247bdc92a159418b6bd79d50e","first_seen":"2026-03-14T09:22:23.96834Z","last_seen":"2026-06-17T14:23:57.991658Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1402,"timings":{"blocked":-1,"dns":0,"connect":270,"send":0,"wait":322,"receive":269,"ssl":541},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/crypto4-C1r0vD33.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.719Z","timestamp":1781706203719,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/crypto4-C1r0vD33.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-4bb5\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TPU%2F%2FtRcpQ6H%2Flem5sXOFpcmjW3BZfmfvBmecz%2BpSTShKr5hN%2BN4wggxKK%2FWJQYsVcXDQvD2VBnejrjTFHi%2BpFeVmOhfcaS5WPNBjGimoCLpxZx4gg6GzkrsQPNOzy4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d4a4b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19381,"size_decoded":20148,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d067618d9d6147cf94031dc7b0e54f34","sha1":"9eac76e72b792627e4262bb3c3349b9a95e76a14","sha256":"51e7de570156dd0d9f5be2aea42306c4e0d810e2f5031ccff71f7a2b7707bfeb","sha512":"1cfbdb4d59b63b7508ddfde9cf307fbbbcc21c9eebcb17d05b5a52c0689acf9a6c5cdf75138ab87ae4d2eac26f12834fc4c4e0e23e94bcdd489b53264a93ce43","ssdeep":"384:SYrMlXfj/ycORUUZpYLOsa70OEU1pKfX9jLKAd6NL3UvOfaDYMAG3eQKRD0:OvmuUZgjatEU7KFjLD6NLasbG3eQKRD0","tlshash":"7692d14cf04b18795a05a41f191ad42bbd1ede7ce81b0123dade0d7945cfbdd9a44348","first_seen":"2025-08-26T17:46:37.293947Z","last_seen":"2026-06-17T16:21:16.886408Z","times_seen":96,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":732,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/trading-interface-YvFbDJGl.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.721Z","timestamp":1781706203721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/trading-interface-YvFbDJGl.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-6dddc\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8r0ChrV%2FiinmajA1alalyh4vZtrRXOVdZf0WYnSkykajchj%2Famnco3Vam6GxMvY37GcRY4ZLKo%2Bl4b7a953y6CRzRvJFa%2BIkBN5PHCxbnObF7N6LqwfH28IrjAMCMD8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d4a4c32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":450012,"size_decoded":448924,"mime_type":"image/png","magic":"PNG image data, 1199 x 769, 8-bit/color RGBA, non-interlaced","md5":"8e164653c295a947f0f5f890ace31218","sha1":"ad2b0b6fea992e6c58813ef2bfb054c4bf219343","sha256":"5414a7098f38784b19949671f3764c769fc9ec1cfa53445f6a083c70d40ed42a","sha512":"64866ba82d827f979ab4a565b85993384d54208092322810905b79b8ff869154c051aa081c69a074e16caf93644220f4fdf93108c9ac94d0be84c5d64f1397ce","ssdeep":"12288:z5/ZEt409LPsiceDij3a44IuvoHZt0JAyKsvX4UCQFX6CKb:z0t39Uic4w3aVIuAHZtOKI4VWX6Rb","tlshash":"b5a423d46a8c52d4420fa54146bebca35e188bbeb733e140d4ce90968f89b71462d6ff","first_seen":"2025-11-30T14:17:39.784095Z","last_seen":"2026-06-17T14:23:57.995407Z","times_seen":52,"resource_available":false,"data":null}},"time_used":1616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":817,"receive":799,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/loan-zN95c-Hv.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.860Z","timestamp":1781706206860,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/loan-zN95c-Hv.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\npriority: u=1,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 18 Jun 2026 02:23:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=beGH3tjHmgou%2BWay9GWsTjyDpiGuQYT70l8AGzoEJ1%2BjESD53%2Bru68dEzmQIIfIqySdzaB232lqCyG4s6vcIYwujFg%2BZzbMv9Ebbe5Ipx%2Fk%2FWCpYiM8ccNRNp6fPbek%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a313a19-244\"\r\ncf-ray: a0d2b650ef1332fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":580,"size_decoded":1064,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (579)","md5":"d070fe16ac50264758696eb3228edb21","sha1":"df1ef7c538eb8dd61215a761850744fa9f48733c","sha256":"6d333be3d20bc204664100a0e7ec95081e27a5e2285a98bf23873fb09a169bed","sha512":"23b460e1ddc0cd9980386c3b93d3a57b448b1fcdfc0cd1f3d2fedd5e268aba3265d846b92a9b86a83812d45361c5543d75a7ea6d7826d57989b1c6bf2531a517","ssdeep":"","tlshash":"27f0c8dabd079a7e9135d23930923d02b43b9a31def614702f26d4678b2c4896757941","first_seen":"2026-06-17T14:23:58.003143Z","last_seen":"2026-06-17T14:23:58.003143Z","times_seen":1,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/CookieConsent-BKtXZsW6.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.709Z","timestamp":1781706200709,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/CookieConsent-BKtXZsW6.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:22 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1939\"\r\nexpires: Thu, 18 Jun 2026 02:23:22 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RK8kWfPcX73BIKqvsqIlJS7N%2B3fchEZJDO3KXzYtOFkZ7If6CiVJVGhW4jnzpPV9B07oCCrisdG9fAogeZhqipWMNNaeZ%2BtiVuHZkrZFDrTEHFN77Ftr7%2FPhpGL%2FhDQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a6eb232fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6457,"size_decoded":2550,"mime_type":"text/css","magic":"ASCII text, with very long lines (6456)","md5":"1149d91279806327d1cf129fb88561e4","sha1":"64a0d38ab7c0b5dcc85255064a404c5faea0e413","sha256":"ead0cb6d3b9cb7c7ba752b1a20cfe31c362fb850dff7077d0a6bb1c1229bbb73","sha512":"a32f4aa95f8b53e74371a2cf0c459b2959b0a017734332ab04a2bb0cbbd974d3c1e9963ef7e9cef2dec986510b4f0188c7aacd045b40e793c567e28686a7802d","ssdeep":"96:UMwlRU4q7ekoIlbffKu28Y6NRyuHwwlUxiun10aWNPG987:lMpq7eJOffhLYP2WxDhFK7","tlshash":"81d1ff717688b01db13fd87561e12b9c3228e207d7325ab8964bb57c89e72873336bc4","first_seen":"2025-11-30T14:17:39.787592Z","last_seen":"2026-06-17T16:21:16.816264Z","times_seen":75,"resource_available":false,"data":null}},"time_used":1716,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1716,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/LTC.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.700Z","timestamp":1781706203700,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/LTC.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 34858\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDCC78BAF3738C6F749\r\nAccept-Ranges: bytes\r\nETag: \"BB27C369A3AA54D9C1F8E59E1706DA48\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:58 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2593469271640333430\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uyfDaaOqVNnB+OWeFwbaSA==\r\nx-oss-server-time: 5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":34858,"size_decoded":35407,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bb27c369a3aa54d9c1f8e59e1706da48","sha1":"7e1b9677305cad40b686a5a1077da57c4f6cf07f","sha256":"e691621963c6de60c05c0e91cf7c65cba4191df054a3b1bd5becbef3a426f9ee","sha512":"4ff3058897ecbcee5464eb954955cc40bad7f411ee86f21dcbebe3d02ee45410b42f68c8e3a22537ef530c65c9bc9960fb36134aeced2dd36688a21c0cb02415","ssdeep":"768:FAbT/SSUokJQD9Wvnwoo2hzabJIqRw/VH3+WFxL1nHLy:G/RU4yni2kKl53+WbBLy","tlshash":"3df2f155ed69527406b90571846e302ca4669a7ebdceb11bffbd67302b3246f008e06e","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-17T15:51:26.203489Z","times_seen":646,"resource_available":false,"data":null}},"time_used":1369,"timings":{"blocked":1083,"dns":0,"connect":0,"send":0,"wait":283,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/crypto2-RVLsXywe.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.716Z","timestamp":1781706203716,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/crypto2-RVLsXywe.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-ddcf\"\r\nexpires: Fri, 17 Jul 2026 14:23:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wliy%2FUcx5GH5cIaIJwDBn76Ble%2BPRlqFz2MrFYbok4RjE0erZrxHG703nIgKxVIY4KI8V2hcBAA2uN%2BhekZLxkRq81uawsr0aGB2XV5Dl%2B1u2I9QM0SoAm%2FAE0sSGqg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d3a4832fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56783,"size_decoded":57601,"mime_type":"image/png","magic":"PNG image data, 260 x 305, 8-bit/color RGBA, non-interlaced","md5":"8a1eae471f4c0dc21007b86b97b5fd68","sha1":"b1ac51b4dd8a9a255a35326b1e0e3724eee7b431","sha256":"780f1d2b6644b5d7173ac032e83d0bcb58b2d0f8fa81911b15031918f3cb593f","sha512":"decf23d33c7f25185d1ce69a55b7ecfcacc46225c0a6cac3705c8c8666531831edc83b956a8dd0e714b0addf0cfec8e2e9cfd30738b652556ef113d9131bae4e","ssdeep":"1536:Z41T3sxtojtdJlqDe3dBB+5pfT8kbN5ahOaV:Zm3sxWtdzqDe3Dw5ZT/N5ahOK","tlshash":"e543024f4482be71cc64d7813f96923a11967d4afda0b4b08ea7a041cfce4ed72456af","first_seen":"2025-08-26T17:46:37.263184Z","last_seen":"2026-06-17T16:21:16.873578Z","times_seen":96,"resource_available":false,"data":null}},"time_used":579,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":390,"receive":189,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Low_2-BPxk_UPI.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.734Z","timestamp":1781706203734,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Low_2-BPxk_UPI.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-24b6\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RcSEk8JHsDGECByab15IcyXt0wziBmaEL%2FSN4IPlU0OuXjNcRtx7VYVSRKblgDK7UhNkLOkwfu%2FpoHTvIlHqW4CTG3vB8EvvXOjDwFV%2BO9qaCeHD65FgEl56ZE871cc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d5a5732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9398,"size_decoded":10191,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"ce19171ad2413080ac589384fcdd4a01","sha1":"7b7da4a5cc5aeb1b1f10266de0edb0bacc2fdc30","sha256":"68582f4a49950d5778e05957baddfb31bc321607dfc5af01c519cb84f87ec0a7","sha512":"4282b94584460f26d89f307072438f1c29b017c81d4a5d3cef14d06e839a2953e304c8f3447907bcea56f84c0b2b87d4972405bb04da530de1a360865c579b44","ssdeep":"192:4S+V2BSNF7kJS4V2yFaVkIghjKpg3UhUyBL1xWczVDF7Tqxwyvgajoto:/wyM7kwbW6JkWUyIUDwqo","tlshash":"9312b00bbc2b7d3b7211f80944cc37a51c1ab8bd05ad839188b576951adee58d7e3ec1","first_seen":"2025-08-26T17:46:37.214917Z","last_seen":"2026-06-17T16:21:16.887141Z","times_seen":93,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":548,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Low_3-CoMiX5LU.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.735Z","timestamp":1781706203735,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Low_3-CoMiX5LU.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1da0\"\r\nexpires: Fri, 17 Jul 2026 14:23:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MVCUTqs5N0cW043VXEOhbesFZHPL0dLyqn%2BBzgv1uTA2vrq3rT8fAwRRyOnCjiWZ7dP2ksQtYFaY5TYr%2Bjllck500PMJXk8EYJQtCjTRWMVNXg3IK1D%2FMDDMAnKXy3Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d5a5932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7584,"size_decoded":8379,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"a8b00a7e3bf2f70c8c4887d24abe8b51","sha1":"92ce419cdd7ab6e8d8e7bc05500761fbd08eaa9a","sha256":"8f98a9cc45245fbac829f6a93e5e24c3c5e3703ce68eb080d4c9421c297dee2d","sha512":"9db0c799a8dc0e938d327e0c20f3cb3cb98d3260668705dda23fb04e73efe9278988f6499b2f96df201da432efb01a8b5ae44efe08195914b02479dfe70bdc23","ssdeep":"192:8OSF296sDSSaQ+8CQ2twPskLuqpZ+DJ72iUyoutP3QB:+I6OSZs2tnkniYiUyo2E","tlshash":"c7f1b0d7a5e96df1f736311988dcd2037f0fb258a6a00a66f5039a84e7f450c870f061","first_seen":"2025-08-26T17:46:37.283171Z","last_seen":"2026-06-17T16:21:16.889656Z","times_seen":93,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/filters-GIdr7Qq2.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.871Z","timestamp":1781706206871,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/filters-GIdr7Qq2.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-416\"\r\nexpires: Thu, 18 Jun 2026 02:23:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UhgeAhH0rIxRvo9QNPUaozWGp7YY7YLgUDM7KsYgZg28FNS6aXWhbepS35YEBQRrIMuBDM512P2qHxhClRB3%2BmBRTV0%2FAgmiZN5JyEY64N3H%2FR0N%2Br2DwyWR233tNzQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650ff1a32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1046,"size_decoded":1258,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1045)","md5":"7ef860709803cd6cfcb112417de01d53","sha1":"b9da8b3bb4469c7b735e91a787bfcd7dd8fd7aad","sha256":"83cb6afb4e9c5aababdc674d5a0221a9d9384bd24b4de633c1bdf0d7921e55a4","sha512":"4c6598748bbaea04eff2f8107d3c39214df6c509de7289c989bf4f98fdc8e74d0a0d6c3415e969f9efbadfdbb1cdf29765f8960e8d6e72c4896f9b79ab35cb30","ssdeep":"","tlshash":"00118ba995c6c67b02fb88c8514d418768d87f78b00e4b62bd64f11275a1091f4ba393","first_seen":"2026-06-17T14:23:58.011955Z","last_seen":"2026-06-17T14:23:58.011955Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/index-bg-Cig16shZ.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.671Z","timestamp":1781706203671,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/index-bg-Cig16shZ.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aiinvest.vip/assets/CookieConsent-BKtXZsW6.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-b2fa\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LTCZWn3ABJ1XHn2VgxMxW7VFioV3MD%2FoEhQsOy4gPUAPIzyJ2PjyFT%2BkpHawGhuYCQZOvLIgLdcjyizUw0dqGjGh%2FwZ21vsGNXbU8ZMDra07ihqnwJLujODpsLxRcR8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63cfa3232fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45818,"size_decoded":46253,"mime_type":"image/png","magic":"PNG image data, 1920 x 706, 8-bit colormap, non-interlaced","md5":"c09495fae9b3b9afa21e4f85338186f6","sha1":"de7e184687afed539def40fcefe0e9315596e07b","sha256":"6e82c55cbd0ee19a044a5ec37c31769eeb6e168802c661640cc683e6b3e8733d","sha512":"8268075ddb43eb44937d88d3542d2fa595f0896f76c48ff52786673de1b486274d13880754df9605fa3b303bab65dd5bb02ca5bc33e88acda64dccbf16285fba","ssdeep":"768:A6+sg4W9+cPJlO1NctTpA2+fzAJjIaZjVcpjO6X0BvRURf0hrv4llB+86HFhekx7:7+sg4mnhlO1NUdAVfkJsdNS+MHe0r1PB","tlshash":"d523f20a976dc409b8497e7d8fa48700a882cf97602d873d7e913a1de938d534f89cbd","first_seen":"2025-08-26T17:46:37.246586Z","last_seen":"2026-06-17T16:21:16.872213Z","times_seen":96,"resource_available":false,"data":null}},"time_used":904,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":726,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/index-bg2-DH3H8kTp.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.674Z","timestamp":1781706203674,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/index-bg2-DH3H8kTp.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-415bf\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i3SVpHI10qSTvHCirXiOiGaOgJeJrM7Id7H7N6WvyV4TbQrZEkQhKyNPapiWtkBemwRtm0dzEG3R73gxq68uaRfM9QrupIMFQCRMRC3aLhXAeP9Jh7J7xE1z3GK5AXo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63cfa3432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267711,"size_decoded":268564,"mime_type":"image/png","magic":"PNG image data, 1920 x 734, 8-bit colormap, non-interlaced","md5":"4e2ceadc2a00a7055f2d30b675301f2a","sha1":"23544a569e9f2129980acabcdef51b8c225117dd","sha256":"0113b32c782902d3f6c16a832653c99172ac40d17a454ec621e4366ef56cc280","sha512":"3c70550b3a9821a4b962341fd0cf08bacdabfdebe7eaf65a77946211a78701d72c5a8e321e24bca94be9634c4af66deab691317d98709587f23b5efb556b3d5e","ssdeep":"6144:fHeZ8M1KxbmeW02HluhfdZ9de39D3Jly1ZBWIUL:fHeK9xTWVu5lul3JM1ZBWIUL","tlshash":"b344230c360554c3edf7d874b31cdbfadd9b3cbf249d8528a672a36a4aa502c15c99c0","first_seen":"2025-08-26T17:46:37.264725Z","last_seen":"2026-06-17T14:23:58.016766Z","times_seen":95,"resource_available":false,"data":null}},"time_used":1130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":526,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/tech02-fCe8e4gN.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.712Z","timestamp":1781706203712,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/tech02-fCe8e4gN.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-15fe\"\r\nexpires: Fri, 17 Jul 2026 14:23:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VcLepDlDljq3Ygr8wYxCor9J0O98teDErtbP4zrJXo9bUdc5uWqIyhKSoXZISufblkb%2BvhyImwGKVxO2SIIWsMG5wjCa8FbzChHqxmOgVUts23IeSv9d%2BqDl1VPM%2Bg0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d3a4132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5630,"size_decoded":6434,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"9f0f4960f780ae1e5e85227bbe3383bb","sha1":"f8ee4ead676d1560556168f55b35d53fe32a6d41","sha256":"7cae8a74bc918d12efb430f71dd41d15d06ff373a260547749045449ef9f241d","sha512":"cb7b17a623bea5b449df7a2c0b27ce3e9f8040b3d51bf0be975a798349085e09ed86be8911600ed54a2aa48c11dcc64987c2d1e625560df781108a7afa4e8bc7","ssdeep":"96:A4+Vq+5u/C6+xiKXdoPS2bcPvnGSzKHRe4YebiR0u0tsroQiWcUU9+82gCUuSq48:A4+OKXcSfn7zKHR1YegwscQiUU9+vgCR","tlshash":"d6c18e4e24bdb9424820166045f90171d8aeef522a2f61189b61078ce9983fff5adbdc","first_seen":"2025-08-26T17:46:37.297934Z","last_seen":"2026-06-17T16:21:16.831226Z","times_seen":80,"resource_available":false,"data":null}},"time_used":2400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2400,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.like1688fire.cc/api/common/getWhitePaperSetting","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.745Z","timestamp":1781706203745,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"OPTIONS /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:23 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://aiinvest.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MuYbWW4uEzh6XHqjDbOP7fECMNVXCkMoSjcgJCLYlXdQXMK2rO4WvOqTXhXcXvJjKMArbQ9%2BKno0ZJ0L%2FzU0BeUuRjhYuHoTdCX3UJltOhBccg1KyRjDj%2B9jrzW7HOS2HNTL0u42u2%2FU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d6bd256a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":925,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.like1688fire.cc/api/common/getUserCoin","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.721Z","timestamp":1781706200721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"OPTIONS /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://aiinvest.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gqzDiO4zIXpwJtJh4qtYJpngtdygx5tju6f3O9hxrJgjZztTw2xkrrMaJAlxsRrspcCHpKAUF%2FIDpoczJWpYF5YQx4SN2f58tYNBJbArPtQTmyHwMwII58U09bVYhLlfu4Zumlfa7C2g\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62aaab956a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":933,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":606,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/DOGE.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.704Z","timestamp":1781706203704,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/DOGE.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 55728\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDCBC6A5B3233403B41\r\nAccept-Ranges: bytes\r\nETag: \"48384A67185DBDFEEF3AA43C99D3319C\"\r\nLast-Modified: Tue, 22 Oct 2024 12:00:22 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3192987439189544564\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SDhKZxhdvf7vOqQ8mdMxnA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55728,"size_decoded":56277,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"48384a67185dbdfeef3aa43c99d3319c","sha1":"23e15189bebafbbec8b23e8ed0f3392a9b7979ee","sha256":"1ceba4efa6a645fbe532e520385f37001922e14b6aa7b4ebeb19e755014feb39","sha512":"2f7a13f56ff64b874a76994d00f198c5fc2b7424181935e641eb81bcf171db54fa50b711502c0c4a7e8f5c934ed5747233d87ae0602916244947d3724eb3ce10","ssdeep":"1536:5ko5w6RHlzxqElMwBI6M3iD+oLKTn6EPwhk6g9p6uP5I:x5fR9xjlMGnMSDYLPJ6bOq","tlshash":"0d430247c0529ed2c68853aa0e3de48a84779d12358f80577ce6525a82e2df29bd770f","first_seen":"2023-05-22T05:59:44Z","last_seen":"2026-06-17T16:39:53.805226Z","times_seen":669,"resource_available":false,"data":null}},"time_used":1371,"timings":{"blocked":1083,"dns":0,"connect":0,"send":0,"wait":287,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/assets/style/css/chatStyle.css?v=1781706203372","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"172.67.199.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.967Z","timestamp":1781706203967,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 12:14:39 GMT","end":"Wed, 09 Sep 2026 12:14:38 GMT"},"fingerprint":{"sha1":"87:B1:0B:09:14:03:BA:0D:13:3A:69:24:42:69:39:14:CE:15:CC:A9","sha256":"75:2E:E1:20:28:29:02:08:57:B1:91:A5:26:58:85:E5:28:6D:C4:30:D3:8E:6F:64:EA:CE:37:73:8C:B3:78:CE"}}},"request":{"raw":"GET /assets/style/css/chatStyle.css?v=1781706203372 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 27 Oct 2025 16:46:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ffa1e0-b303\"\r\nexpires: Thu, 18 Jun 2026 02:23:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h7GnfD5gsm%2BesBEnHg1iZgzY9dr2Wuh%2BM44Z7ifJN446U4cZhXqxb6LnH29Izg3rkLk%2BzcFw5SMUztpZw3gejNmjs4l5Q0D9d%2FEVbrpNED60krc469WH6kVp0ZrmZTqj7rKF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63eca960b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45827,"size_decoded":11028,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1414), with CRLF line terminators","md5":"7f04d716a07903513dd26bdc041cded9","sha1":"87cc4821c93b3691c2cc6ed6c07504f9c5030d5d","sha256":"eca5ab3a8577e84adaf245950a20cb525d5c762c14576671dbcdfc9a46de476d","sha512":"f4a86fb88cfef3906b7debb45e8d4d02a58f4afbb14ff8479e630c3f8c84f97be7d3996d3e399f29498f31066c28fb7a63d8a83e00bc151686e434bf796cd0a5","ssdeep":"768:b8hjh3T4m4G4/4y738BY8+kJYcJHJlxGSndLcR4xhQ14YYi631N8VNi3rdwLcKda:Izr9l","tlshash":"b423433ceb65218da123b4a9bff16be5af514013df0b06a5b5f17a38c2504bd39712d8","first_seen":"2025-11-30T14:17:39.779365Z","last_seen":"2026-06-17T15:47:22.867599Z","times_seen":109,"resource_available":false,"data":null}},"time_used":794,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":794,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/dataModify-C6sk-dj3.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.699Z","timestamp":1781706200699,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: application/javascript\r\npriority: u=1,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mnqZXq0gT6r2Ml8tv3W7ZQfiWiCryS4k8NhyF3uYdFO9k4%2Fd2y%2BKie437O27LojQDlS1WmG4pYW2xUYDFQBgvcTVGirFnGrHEbWPLPII3whw9azCLQ5kIL1JIMRtD%2Fw%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a313a19-27b\"\r\ncf-ray: a0d2b62a5ea632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":635,"size_decoded":1160,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-06-17T16:21:16.828115Z","times_seen":74,"resource_available":true,"data":null}},"time_used":769,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":769,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/Calculation.vue_vue_type_script_setup_true_lang-CW3nJquB.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.702Z","timestamp":1781706200702,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-CW3nJquB.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-4ff1\"\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hm0vN3by366i%2BIT%2BDyxgprwYbyYBkvIkO9QnnMSu3NwPIjh9JcVqO%2BZk3M9qNU5J1hHUBZU9bxz%2FFgl47ma6WokFp1Q4YJfzBOhExG9APidj0b%2FFRIYkoqnIFKZwitc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a6ead32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20465,"size_decoded":6950,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20458)","md5":"af8d87c491ae93f637a6ddb39f9544d1","sha1":"d71f1545a359097bd962d45ce20e637f530f0e49","sha256":"6fe3d0b56c9c1b30f0f888bad6fde66b517933d8ee4f5a94111b27bd07b4728d","sha512":"44b37c94f12c93a4c3297d77876511f9800eb782914af6f7470b6a4ef7c6327c2e081bde579f3ed2fb8cdad7aa22ccf3ec26dbf62cf6989b3b60bdec0d5d4a74","ssdeep":"384:dxSYvpyMTG1CmxcgKJcwV1e2cICuan1B2kLgpkDqaBoiA6mJWM5boWBuuD8daLHc:nScQYfK2cian/2ogpQqaBol6mbboyuu4","tlshash":"3092a649b152db3ddbb354f5605e1014e008bfcad426c497a1be09933aeeeb11a6927c","first_seen":"2026-06-17T14:23:58.022536Z","last_seen":"2026-06-17T14:23:58.022536Z","times_seen":1,"resource_available":true,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/index-bg4-4HzhR67G.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.675Z","timestamp":1781706203675,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/index-bg4-4HzhR67G.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aiinvest.vip/assets/index-B4CX758G.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-62509\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XfmVFs4BHiNrBAHHhRYS5SWEPjPu1mB0r0pTfdQZWHQrRSMSPCcBXiYfgVQzoHgpfL%2BhBgCM3t%2BK4c3VL7MsEWcIH775tSPk%2BG7sfyTyL1d9Yrn1ZpPuNpQ%2BFFFMXaw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63cfa3532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":402697,"size_decoded":398302,"mime_type":"image/png","magic":"PNG image data, 1920 x 605, 8-bit/color RGBA, non-interlaced","md5":"e8d59ec576c7863d0a1634be119a9dd9","sha1":"904d9420707d71bcc8fe96d4bc3efd7bf6788e6c","sha256":"9946dbdc4e1830e4d974e4e2306b02eb2840791ae4fc3bfe803405261e8dffcc","sha512":"d7bb56461ed1d44c529ade4434da8ab75e6aba1771b1d76fe4ab4fd43edcecaecbc0a4fad78399b05d9a68a5df695e51e97e979462ee4c838c0dce1526be9695","ssdeep":"6144:LF22gP1p/A7+eFVOe5FE/FplkZ1CAauYMx7pHdxmDMbMzxMuVV58p3IDzZ:LK/NA5FwlkOArYMpxmDMIzjz5PzZ","tlshash":"338412c483210832ba90ee50b5618990d0282db7b405dd7517c7ff836777ba9ac7da9b","first_seen":"2025-08-26T17:46:37.261835Z","last_seen":"2026-06-17T14:23:58.025624Z","times_seen":78,"resource_available":false,"data":null}},"time_used":1286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":739,"receive":547,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Frame%204-BZFoet9Q.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.729Z","timestamp":1781706203729,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Frame%204-BZFoet9Q.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1661\"\r\nexpires: Fri, 17 Jul 2026 14:23:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WVzxiQzAwfGmgajrOgtZZuCL%2B0Jy5EujFuMLklwoLFXrplL7q8D5yFyLI21E5A8%2BW2qjx%2BHkkx1z2Fnl12ksmwDgu7llF3v11LOocfL5sYKQE4cQ8M6g2l0fN%2BlYygA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d4a5232fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5729,"size_decoded":6528,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"c3db4e6b3340b588b927ecd0c523b863","sha1":"c2809f25a9992e45976739f32f2e9cab161ea7df","sha256":"46350bd8be7e27ea772bdf49836ce87165677e03ef1386f4660e01564dd42150","sha512":"3911815d12f41f1fc178e72f8a33ea8f9c481612f4c62a35c3a6a4cedf050d97cdfe8c31c8639e40c133b3a94a7e3270a3c983a54a734aff2951d6362e90fcb0","ssdeep":"96:8OSquQsKe1aEHC7jPd6PP4UF9Fmk5GZZu+khzgHkAu+Wg2u6:8OSqO9kc1NuofAu+Xp6","tlshash":"f6c1aec532f1afabd84b0c3490d67ec763ee8a5591768e0bb325a093e02e8e0120d875","first_seen":"2025-08-26T17:46:37.288981Z","last_seen":"2026-06-17T16:21:16.887802Z","times_seen":93,"resource_available":false,"data":null}},"time_used":1622,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1622,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-CQOF2Sqv.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.870Z","timestamp":1781706206870,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/index-CQOF2Sqv.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-ca3\"\r\nexpires: Thu, 18 Jun 2026 02:23:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zsmP2vt4n3M32nWFvwMyK95Ie2dvZ9lFqsdY0F30h%2Beu0KniS0p7kwP374XvOQmyBfQgVBqqoApmytWQJ2pkBH4ukvLbIbcIj%2B9G1v%2B5AhKERgKTw1w%2BarEvV9ulvFE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650ff1932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3235,"size_decoded":2368,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3234)","md5":"d3468c116ed5c4fc383fb12722fa832c","sha1":"efbb34e5a739cab8bbe5d9b2a4589bcdc0c17b7f","sha256":"849c740a7dfdb8f1253d54b32dc3ac54234743ae6c826aee8fb21dc9764d25b6","sha512":"d36d761f3ec0ce2cfebbac894e996c35415770683363263dfe30d8783d6c270debcb571adeefaa900181e60d0ff3b133502f9470b2d3412628d30be3203d0702","ssdeep":"","tlshash":"2561c5dd78b7f024877148ee507f0636e23a37592408d0e4e01fcd8a3931d6ab2a7e29","first_seen":"2026-06-17T14:23:58.027816Z","last_seen":"2026-06-17T14:23:58.027816Z","times_seen":1,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/account-C5m7bkuS.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.704Z","timestamp":1781706200704,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/account-C5m7bkuS.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-450\"\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=76imUhVGR61iDCpcE3W9P7NvfxmArVgYlwgodYI6QHpWvZWNhLO1ey%2BnHhXLDnVxY4%2F5vdOnfQvhPis%2F1nfWOwJp%2BawSegXfUWPS9%2FIp7qoXWG3xqN9udXsGJpWESM4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a6eae32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1104,"size_decoded":1319,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1103)","md5":"9ac1dab4ace9c28928ed1e784e8f300a","sha1":"cf7ac7350d53609d2fb7c21a47654d6ea86e8e75","sha256":"ba537dc4fbc4a7a33c2705f078b2f514f2ae1e59c509d95623788b6a6e584d0e","sha512":"81f371e4a5fcded7805f862316ef07efe62c420c480803c6dc60e808dc995cd6c691c8f9c5a355508e40f8e0ccbd562564eab16542249ff0d3529d77b0283583","ssdeep":"","tlshash":"b411048a8e4e52f7fbb0be1260d02e03c00b6fb5aea24472f06d957351fd445c62db14","first_seen":"2026-06-17T14:23:58.030404Z","last_seen":"2026-06-17T14:23:58.030404Z","times_seen":1,"resource_available":true,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ab2a655a74f740efa2025401359375ca.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.683Z","timestamp":1781706203683,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0ab2a655a74f740efa2025401359375ca.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2527\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDC7CD23C36334D0E56\r\nAccept-Ranges: bytes\r\nETag: \"9C5D020AEC325696D1D22476E7728DA4\"\r\nLast-Modified: Thu, 03 Oct 2024 06:55:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17182148815916858481\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nF0CCuwyVpbR0iR253KNpA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2527,"size_decoded":3102,"mime_type":"image/png","magic":"PNG image data, 260 x 136, 8-bit colormap, non-interlaced","md5":"9c5d020aec325696d1d22476e7728da4","sha1":"e9ff2cdf5160142a77c449947e659627d7ee0a6e","sha256":"3fc4675d2a41c72bc9dd1c9568b0104320bc66b77a69ad6ced74fcfbf1e1d933","sha512":"a932dd67813eeebb6a1393473906fdfcb5cdda3e9428a111476983bdadf8e37f6b6a03773cb3ae4a9bba26b165697a59bf4fa86c9fc42c256246290bc397f665","ssdeep":"","tlshash":"a9514c978961de1fb26822d2c1c1b142acaafe4f117debbd90d4012ebf5c612911df4d","first_seen":"2025-08-26T17:46:37.24324Z","last_seen":"2026-06-17T14:23:58.032886Z","times_seen":76,"resource_available":false,"data":null}},"time_used":1089,"timings":{"blocked":-1,"dns":0,"connect":269,"send":0,"wait":273,"receive":0,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Frame%208-BqAgsyxz.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.731Z","timestamp":1781706203731,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Frame%208-BqAgsyxz.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1c47\"\r\nexpires: Fri, 17 Jul 2026 14:23:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WqXs0OL97EtMPgsd6Zq%2FV9DOVhf2Baz367H0B34BYsJFlylKVa6jLZzfpwYroisD6YMy3lrEmSrWV8Nlhu6uhrIWGa5p1f1HCr0zXChZt5kwmQiPBCjCGiggpLJafQw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d5a5532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7239,"size_decoded":8009,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"75a72c4dea3d1c72958d06e43d016c04","sha1":"cf235da5a62609b4906cfd3eca2815d0010e824d","sha256":"fd587397411636272992efc7f82bac757bb590dab7d43397c81c7e8fbed942e6","sha512":"0ddce061afc227f09eb29ef76f8727d4912024661382f43f130594f8215f72890154a2ca9833f6bbc5a73b52ac17b93d242cc6613667e250a97dc064870d00d2","ssdeep":"192:8OShxXd6eltxGINi4o+REDb+riYu04FZwWQnv+wPInRa:+nzduUo+tu0cZInmAAQ","tlshash":"0ee19ef5689448b39a23843608c87f70db655b776fc149a670706a890e3127d66c2bac","first_seen":"2025-08-26T17:46:37.267799Z","last_seen":"2026-06-17T16:21:16.837256Z","times_seen":93,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Low_5-CMIV401Y.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.738Z","timestamp":1781706203738,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Low_5-CMIV401Y.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-142d\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HlnJF9OVzu6BoWsY0kH693zg3Wt%2Baf%2FpQyW2kX7aPGYdCKeQK9ajNoWVyY7rb%2FzCF9S4pi22A5rTqTxkMxEN60Q5weGpBpQSz5wWIQLj7lQqraHQmP%2BNSBl762pD4fs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d5a5b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5165,"size_decoded":5963,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"8c29098b3d0e9ab466eb1881954e3d7a","sha1":"c8ff881fad14961afc827512e7aa876786992750","sha256":"d4a27de602d5c456720fad40a77b4deab49b1e79572473f835ebaa045d8d6a50","sha512":"f4f0843eed3363e5fa1723ea594014e7996b084db145b0441c9b4de081841b3b07518517424adfc1b8e35a0e2fe092f43ab261aac4b39fe2a0c0a2a8c673262b","ssdeep":"96:4SAnqpFPEsnjf4nxVqQpsje9GE2nBU2Jhe+W/WD7Y4kbPJdymXr:4SAGzMnxVGg5Qh9D040xdysr","tlshash":"04b17cd73931c365649dc920bdceb4c3c42f6038729631b90b74ed52c86b804919bf69","first_seen":"2025-08-26T17:46:37.22518Z","last_seen":"2026-06-17T16:21:16.882396Z","times_seen":93,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/Login-BwbDiHFh.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.832Z","timestamp":1781706206832,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/Login-BwbDiHFh.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-2d2b\"\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f0W73%2B2hMD2Y%2Ba0iGBxGnJMZhZKmQ5bSU84N2FapgoPGnSi7xZm6S0OpAr5vHxFXdRQxPXfPLqF329Ub4T9so0cdSuDOrb6cVw8Eq4VmQsjootKf54d%2BayD9iGlpUvI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650bf0532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11563,"size_decoded":4964,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (11556)","md5":"61212ed5840da8d15397264488f4d0de","sha1":"3becb23ddfe8054a87bc019fddb093795435db70","sha256":"eac6716e8934c8696258a7cb9bb5436b540f6283410e96d6805373b49a181b7d","sha512":"d127adf0e5e949019a38ab06458b04c9888df090750c46718b0b418ca05fd7efa9222e226fe4177aa9e94d3373646c427d4b49dee4625fac7031989e5e1ca5e0","ssdeep":"192:5MTPHgYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUgh:5jYQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"1f32b6c86512abf99bb30825b6047935b4185f99c067c48ef3f84c317bdacb66a24379","first_seen":"2026-06-17T14:23:58.036669Z","last_seen":"2026-06-17T14:23:58.036669Z","times_seen":1,"resource_available":true,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/TradeLayout-Dz-ORK-d.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.850Z","timestamp":1781706206850,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/TradeLayout-Dz-ORK-d.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-65f83\"\r\nexpires: Thu, 18 Jun 2026 02:23:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TLfvfo4mf4jEAxVrtzr%2Bqb4QNU%2FMWIn9ozqW6OnUM7o2MaWy3p%2F%2BXOYs%2FzSdmvTwgkNysa%2FG%2Bd79rPysaLCbr%2Bo5JH8qLQz1DnbZ0D3awiE6LpqViAHGZekKPCGJOCw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650df0e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":417667,"size_decoded":134492,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48052)","md5":"de4504cbaeebf2cfce6b2b85f9e4d256","sha1":"8ec50f97d8c27f03bf2289c962b969a6ebc80ad1","sha256":"334188116da05b3a162f4b89a5f458042ccc485bcfce6ed9319c8bae54fa3597","sha512":"539b7587e1d76d9f03951d05a2a1df8306a9c7656f6c2b5bc48ae4aff65bd99613bf46be84061a35103765c878825985b2618e46e5c8c6c4606a139552795620","ssdeep":"12288:gifpUPYtI6xc2J46SImhZGoR9pe1m/5sAKg:gSpUPYtI6+2J46SImhZGoR9RDn","tlshash":"4c94e580b162e53993f391b5107a0401e3197f89b40a86adf27dccd73e9ad9971baf34","first_seen":"2026-06-17T14:23:58.039223Z","last_seen":"2026-06-17T14:23:58.039223Z","times_seen":1,"resource_available":true,"data":null}},"time_used":733,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":374,"receive":359,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/ArticleViewer-BZLfb3nb.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.706Z","timestamp":1781706200706,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/ArticleViewer-BZLfb3nb.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-963\"\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XLSmNq1LRHy%2BOh2b7NDhPRoIwaQ9qE9Mm95a5Gy7brd8z5s9aRqjD6J7RMcmc%2B%2FVIuSOqNcO0fYPoWFuujcu90H68IkhhfmERhc8ja%2BnpAjvYQ%2Bmb21WL7LGT18c2Yo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a6eb032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2403,"size_decoded":1950,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2402)","md5":"86294adc21c643c1dfae3093d9590b66","sha1":"138b59c408f9f36e438862d8b2eb710054d023f7","sha256":"946708e04b78dea11ffc0fbbb8a8b46f63316293204d64f419f53d57bacdb20a","sha512":"0ec78d05b1b008cb99ef375afea45128a1690b2040c47c9ec7b317f4ce0b3867a36384b81e36df8c257d8e631c5d44c87d320746128bc3d7bebc2d3c67913fcb","ssdeep":"","tlshash":"4c41949c2076cfb896f38335b58ed6545004bbcad7118a89727e583a3fc0eb07a5c304","first_seen":"2026-06-17T14:23:58.041772Z","last_seen":"2026-06-17T14:23:58.041772Z","times_seen":1,"resource_available":true,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/PdfViewer-B45GQKhL.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.714Z","timestamp":1781706200714,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/PdfViewer-B45GQKhL.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Un3YvWHAOGweRDKYqFO3TIic0V2MTwE%2BUtZKyIJEf3JzVq6uWaMaoORQrETMstwCP6GHD9hj%2FbKOZC2iYVt2IqngA4FK%2Fnd2WQMFeXwwvrE4d4rId6EUzih%2BJuooSnU%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a313a19-ac\"\r\ncf-ray: a0d2b62a7eb632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":172,"size_decoded":870,"mime_type":"text/css","magic":"ASCII text","md5":"a07280d8c4487f94b1962d8eb4c60c95","sha1":"73584fe1844801f9c25e94ccc9dff3b20346c2fb","sha256":"cd0180dd43cdd6e4f0be1f78d4764975fd0abd9566ccf9210d4404d8e876ac98","sha512":"1b03fbfdad670899cdcf22896978f04a52fb6bbc48af9f0a6400182b7e30cbdd7d340bf4b3a082f824232134c66e891e39bcf834b4e760522d5988442d0b43b0","ssdeep":"","tlshash":"9dc04c23f185949d04125064159236fcdb3da50a634e1cf14b56f3766abd3c765364d1","first_seen":"2025-08-26T17:46:37.291739Z","last_seen":"2026-06-17T16:21:16.808751Z","times_seen":78,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/index-B4CX758G.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.717Z","timestamp":1781706200717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/index-B4CX758G.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-22b8\"\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=49I90pIt1Ux50Q9Vihm4J2psNpwGfArr%2FBCV8h5Yc%2F%2FLyBvyQwQwdShaw9JnjBQT3iBMJsKxOEFp1A1%2B0KilSzu1iH4sgehqNzCTAeKefn5gHArbRJ%2F6rDPL5gZVA%2Fo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a7eb832fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8888,"size_decoded":4469,"mime_type":"text/css","magic":"ASCII text, with very long lines (8887)","md5":"365152d1a172a0dee690e108c0e563d9","sha1":"19387e4993b29c4ed320a2b31b0d33fea2606df3","sha256":"249b413b72e45131c9a2d1360e03b90ea3b11bd380bdd877b5ab6c99fc9694b4","sha512":"838b657752953eb242073129b94d1fb5fb8f2a74e112c99ca25f34ed39e5301c9835c5d07cc4c0a16673293e84acae267d61e61bba5a77848da0a44c2a8efebf","ssdeep":"192:fpKymUJbiKnehJTJdKSme+jeH1Zpbw7GHKY:fpK/UbehJFdKW+SVZpbXKY","tlshash":"bf02b630a3181c27a277cf155694e6fc5e64a123cbf7091ce2406e28dbfa5f4122eac6","first_seen":"2026-01-30T06:58:07.052438Z","last_seen":"2026-06-17T16:21:16.817417Z","times_seen":74,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/cap02-DD81pVdb.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.726Z","timestamp":1781706203726,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/cap02-DD81pVdb.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-2472\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f917k4duQPtjNFf9X8B%2BPlgeed9sQKVEhMH%2FFSS%2FgQ6vhJw6OqjLkMsukXDznSagzJv7sOQhNtbOYF%2FfrVB8XlbnmHqITNY52zrykjk%2B7dMSarTie9aUnqywoY0gTkQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d4a4e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9330,"size_decoded":9913,"mime_type":"image/png","magic":"PNG image data, 132 x 133, 8-bit/color RGBA, non-interlaced","md5":"4ab1cf3ece753d1eb82627035c469652","sha1":"8fd4288260a2672c70428ee600390022604c5a42","sha256":"63b00e3bd41d39461d47872b23ee4a6a5a12f68cff29ce474bd400ac8c4498ff","sha512":"3c0ebdcbdf510c654de8780e0425b90c0fbce8f7c65894b7d4432b4f416dc66b26fa5b9c4c121313a10e6b736e9fde8b157bde0aca60077286dd35266de5fa7b","ssdeep":"192:RRHaX36Byum2m1yWAGebDn3stnesP3Mpb6l5tjp2GSb2lS/9HPIIu:RoGyHX1yWTWn8tne6cF6jtjzSb2lSNId","tlshash":"ee12bfc349926778264916dcb738e5807731a8920783c38ce4b5b528b1fed8c4e63f5c","first_seen":"2025-08-26T17:46:37.28042Z","last_seen":"2026-06-17T14:23:58.045584Z","times_seen":79,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/SetFundForm.vue_vue_type_script_setup_true_lang-B1zQj_P0.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.873Z","timestamp":1781706206873,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-B1zQj_P0.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-a71\"\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QPHcIJ5ubghEv3uVtisc%2FQZ7fD6LbQskNNUPywI%2BRpR1zrG5MZF4yvwU6Eyyb8GJvCm4gkE7CQmhvGLiTwDP0yQUU5dvHFL2qnW8Rs8P7ietg4EerN5YTqeZKQJ%2BZm8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650ff1b32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2673,"size_decoded":1870,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2672)","md5":"b6c4412e5755cf89f2de950a1d18d6a9","sha1":"45fce7264499509b74d116e98e07437289d5e3b6","sha256":"4edecd9ca2268573eca86301542016084a886b26e2a44427465b32f8513aec58","sha512":"c5fae7798c8e3b77db9a8d0f6f6c91860fea2d9645b4c2c397a3592a5c26255df0a96361436684a847493582a5ce9c6489288c298bd5c1c9959dcc4139b1203e","ssdeep":"","tlshash":"2051330d24b2cfff26c3a238224e6168e0c8bfcfdb309755b66d447226c99f52619a55","first_seen":"2026-06-17T14:23:58.046351Z","last_seen":"2026-06-17T14:23:58.046351Z","times_seen":1,"resource_available":true,"data":null}},"time_used":554,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":554,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/Footer-7FpDbt8J.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.711Z","timestamp":1781706200711,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/Footer-7FpDbt8J.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-2ca3\"\r\nexpires: Thu, 18 Jun 2026 02:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z7dDI6fGbjFvHHy7f3zWg57Ivbda0bYIwZ2FIFUSiUlhfOzbV%2FRmsqKwk9QbfdsKze%2B5D5dcIuAvcQcCPVFm%2BjoLwJKYJhL7f7%2B6aNYTXng7SkFdENj%2F08c097mnORw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a7eb432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11427,"size_decoded":6692,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11426)","md5":"53f2bd917ef1d01ae5051f8268fa0ad9","sha1":"f807e7d612a7cdda473fc317ad6422236af1fa58","sha256":"83c100e7efc014b22b63284418a2d3ef5af57d7f3ebbe083991b66686467096a","sha512":"2af4aafd1ec582b54eac50b8981bbb47619f1e1f6fb41059a314e851ebed45a8122f22b12a979d1a2fca86c7e39030f4db700fef1bef9026bbb58d2772e5ba38","ssdeep":"192:vMvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:0vvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"9f321904797789f9c6b784b5b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-06-17T14:23:58.048244Z","last_seen":"2026-06-17T14:23:58.048244Z","times_seen":1,"resource_available":true,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.like1688fire.cc/api/common/getCoinSecondList","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.720Z","timestamp":1781706200720,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"OPTIONS /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://aiinvest.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mGkfoo0gKtwM%2FnSHTXe8q5TcCMFf8oQZZc1d%2FJmFuwMaxhWxBJ14k87LrAJIgTjEPInq1drpsmOXSJ56x2MH7X4%2FYtz7g%2BtcS1EeftTzircN0p3dYIg4JyCYNwEPGtM2yDj6zOle7FcK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62aaab856a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":925,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":18,"send":0,"wait":617,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Frame%201-BB-vAyLS.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.727Z","timestamp":1781706203727,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Frame%201-BB-vAyLS.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1384\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mg0H5RMnBraUC9Sf9u9uYy2qwe9SXhgkPRKmtRYJY8kj1vFqjvwPx3Yirihbhzpj3ASFIZ1n6v1kGMM48CBDpkzxZ%2Bj%2FzJizjmDW2SMIlHLgnysioeL1vS7a9d9Tr1Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d4a4f32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4996,"size_decoded":5748,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"adc6a06c56ada71180d5f6aaaef2682c","sha1":"11752acaf2f9bafd7a0187cd635a299c300ec55e","sha256":"615b199dfbd53bdf6eed13bdbad7e1bc63c9d6b47b5b3941f941b83dc671390e","sha512":"766a04843d059ddfbf1e13d3b5fb00aaa98551e7db75dd84822a33ec3f3194246bc22ca8cf92a9e32f8c055670223d16014b146fc1b8344338d1941879c8b1cd","ssdeep":"96:8OSV/Ycg/JRPrmxexk/17o8HtfKyk4EW+DSSxyyd+WZe3pZ4ftOv3SG:8OSVQcgxRzO441o8NfKlbWUxprQ3pUtQ","tlshash":"31a16dc057e402f8536010362bd174af8997fced76372e8db098e37d22585a5909ecb9","first_seen":"2025-08-26T17:46:37.234646Z","last_seen":"2026-06-17T16:21:16.881688Z","times_seen":93,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Low_4-Br3Z_v1E.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.736Z","timestamp":1781706203736,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Low_4-Br3Z_v1E.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-145a\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rabFluOZ0fIFPLOaIrvxiUNyzQkhPhe99vjl57RZNw16EWWbTIYe070gwoHLqNWXS%2BoZue5P2jXAJ3YANTjCyUc6fqrL3FDrlwN9G8Y6wpyhxM0gR4r%2BkHGr58bOphU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d5a5a32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5210,"size_decoded":5992,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"95b8e27073c3c6e483b1a0609d083f9f","sha1":"2c4ef32b62fecfcb1cf70e0676f088c54a7d5fa7","sha256":"cf0f9d03ca1dbadd2bf8035de500cd44cd22693a30f552beff3c1ca19b014a5d","sha512":"bac6e493131b8b30a759e54276893c3544058d4a2540b7672013d49d5e2b3b6dd2a6ac21982e11ca156f7c7e0d8e2812b751cd6e3f8d1ac6189da8dba35c5a08","ssdeep":"96:8OSB6U77P8HDm2GqvjYUZKKmqVvLf8vPI1nlr8HznVGkvarcO12ReC5biF6vh:8OSYMPoDm2GqvLKKmqVvLf8vPIdlkEJ+","tlshash":"65b17dd37a01d0832e56b85bc39aeb609963344b87126a04edb1edcc1496ece0fd4ee5","first_seen":"2025-08-26T17:46:37.277551Z","last_seen":"2026-06-17T16:21:16.867047Z","times_seen":93,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Low_13-B2HuoVrN.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.741Z","timestamp":1781706203741,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Low_13-B2HuoVrN.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-10a6\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bQfq90KQFOdC7B6OEvy67JQXl4X1UV0BtyOxiWhsC7HzTlm6R8ryddMct3mb7s2DlZDqvrnJG%2B02FHRgPzvOavlgvy8X2cceRmRnunN3emoJFoUnWdsYORaulp%2B%2Fuvo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d6a5e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4262,"size_decoded":4981,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"1e225322486da698930459293f9cdfcc","sha1":"09ca6066e08ce08ffc2a2d04b6d14d9ec9dafe64","sha256":"8151a3f93d70e3de89de9c9e95e0bf697d1a7f541d1734ba9df79ad7c58762a2","sha512":"bf2418af78b8d093f7560802048801899d09c5a7563c91d2d419020450598059f4ac777e7437e55c1b4ca37b71b92faa1cbd119a448b1cfc42b130a0f5986d08","ssdeep":"96:8OSWmUdZeggw367qTNvFnH5FaIeZAPjseHGYderXJNHNaw360UjtZ1YttBU:8OSWPZbjH7aF+Pj9GrXJNUwK0UjiZU","tlshash":"a8914dccd8d52f85aeed6e6ad4419b55573e1dfc9c149d8a34b0884a9c4037cb120e6f","first_seen":"2025-08-26T17:46:37.269188Z","last_seen":"2026-06-17T16:21:16.874269Z","times_seen":93,"resource_available":false,"data":null}},"time_used":887,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":887,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-D3EczlsA.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.856Z","timestamp":1781706206856,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-D3EczlsA.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-5e6\"\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dVyqVxPXyk1qNG4jK7h9yeJNztYffAfmXdYr7CVm4fEl%2B45Q7q9%2B0SpYIcMY87otvA%2BFuMiaDT%2BmQms8WcicJGOiE%2BrDCF1OKG9ZXgDTctJ%2FWinnSHrbGP5%2BMZv7Lik%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650df1132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1510,"size_decoded":1601,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1509)","md5":"1b44bca12ac0c0a9b0f628dae4878efc","sha1":"82adc346d5f5def7a944d5316abd1f279bc02d8b","sha256":"d40fd8b8690ff8dd668b4b9a4249254ba24048d99ce82c18c569adaea0993c3e","sha512":"b5f034b8c46bda7f6b2fbb70f39633199959448cb0b972d589249dd8582f7c0d7bb092797b708802447a93e59871d44f83451276848cb75ff522826e851919be","ssdeep":"","tlshash":"4631320d9473cbfc95a391351b4a2168d2847fdaeb708bccf36c14723aca9b3592d640","first_seen":"2026-06-17T14:23:58.053568Z","last_seen":"2026-06-17T14:23:58.053568Z","times_seen":1,"resource_available":true,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/index-_ZQlEQoP.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.874Z","timestamp":1781706206874,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/index-_ZQlEQoP.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-7a0\"\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l6zg4kF4wnUOCvra1jEMwF80tqfoiOoRAm31mOPc39q6QDLry138KwGZmXuRFbkBoSHyEY7HW87oZNm7%2BHE9deqy5ghqECchrqUegO5OPo4lY2VBxP7%2FSI8kA6RKqVE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650ff1c32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1952,"size_decoded":1426,"mime_type":"text/css","magic":"ASCII text, with very long lines (1951)","md5":"8c2ad915b8ea855060e1d5dfb8446e7e","sha1":"faea44594e2d54856f2fa6f3e7f43058d1c5f551","sha256":"972b1e7d83c267067d143c7ac1f0b83b97c08c9542f4a6ae3234e427383f9003","sha512":"062c48fb88133fab7e7d2def69660d570e3ba3f87d6734d2225d19d278b69efd4d803236d0b0e1657dd3d9e10da037fab426154aecaa75f5ad24216dc207ac3a","ssdeep":"","tlshash":"5f4125e2b199138d33b79c3085d5e31d421af1c3e3a10bd862167bad6bc3b9a1d7d005","first_seen":"2026-05-26T16:34:37.74568Z","last_seen":"2026-06-17T14:23:58.055531Z","times_seen":7,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.like1688fire.cc/api/common/getAllSetting","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.722Z","timestamp":1781706200722,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:21 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://aiinvest.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qR1SlAsonLJ5STemwM8LG%2Fo0pnN1BlZi23OI8LngoluBdnl71Mfct%2FGxOXABe8qEOvXjRGOhM8wUtJDKSMDfZSQRccAsYhXKgolCs4rsQVkBHsR2x%2BnHZQWSHmUyPT46YL0Bf5g4zyYQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62aaaba56a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":923,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":633,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":619,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_diy_y46faqqj.js?v=1762548374","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"172.67.199.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:22.749Z","timestamp":1781706202749,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 12:14:39 GMT","end":"Wed, 09 Sep 2026 12:14:38 GMT"},"fingerprint":{"sha1":"87:B1:0B:09:14:03:BA:0D:13:3A:69:24:42:69:39:14:CE:15:CC:A9","sha256":"75:2E:E1:20:28:29:02:08:57:B1:91:A5:26:58:85:E5:28:6D:C4:30:D3:8E:6F:64:EA:CE:37:73:8C:B3:78:CE"}}},"request":{"raw":"GET /js/ai_service_diy_y46faqqj.js?v=1762548374 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 13 Apr 2026 05:10:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dc7ae1-71a\"\r\nexpires: Thu, 18 Jun 2026 02:23:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i99UUCzfVAuvxszL5t0gpIF9vRPdOtCsCru6%2BiYzoTURjFfqQrMsvxL6LwPM%2BIWHMn6ZFX8mwNnVHIx13drk8I6%2FcjGgt2lmo3Ww8X37%2BWjscDfEfcg%2Bm7dFiLMKtiWei0Ez\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b6375a4b0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1818,"size_decoded":1402,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"7d22c6b651b32b75a079b1bf27bb6802","sha1":"79270c37cbf8d3eb468e34ac18fb8867f0a79431","sha256":"a0567b165e111b66f2aff7a8eec80feff557afcaba53373c97a1fc6932375b6e","sha512":"8dacd987493a0a6379ceb313f6abfc27726224099b03fbddf2374e53ea687e0f0fd3310f1e572231c0bebafe37bd0eb1fa741726ecdddd6ef4bbb589ae842019","ssdeep":"","tlshash":"1e31ad515e9985771933322a9b3bb22cfb3127071501ae033efd6710af31e89ea65ec5","first_seen":"2026-05-26T16:34:37.738655Z","last_seen":"2026-06-17T14:23:58.056406Z","times_seen":4,"resource_available":true,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":5,"connect":21,"send":0,"wait":578,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/phone-mockup-CPfpb_e7.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.684Z","timestamp":1781706203684,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/phone-mockup-CPfpb_e7.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-3fdcd\"\r\nexpires: Fri, 17 Jul 2026 14:23:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PM2GUgpOuOcCBhBuf6L0fatAODsuov1Q6vnWEHfqUqd1pWhH7xFflYYzwKAXPvwFQVSzRMTCdVbVnpLy5NAnm%2BR6Arvg3m7m2gi0rJfj%2BlbXtCvEGpd%2B5Woe%2FITCNmQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d0a3932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":261581,"size_decoded":260387,"mime_type":"image/png","magic":"PNG image data, 520 x 1073, 8-bit/color RGBA, non-interlaced","md5":"3e14c28536628aa6f2daeb570847935b","sha1":"bec850de8e78d4e079df7a63669034ab9c2d742c","sha256":"95d3880d87d433ce0dfcf6e01249aab632f918094f177d037fce4f81aef5c548","sha512":"9eae404fdda53d8675ffb4328692d0c35a3db0269be1b1da73b0a5f1845060804d556123b2c4788f19c662af2a91ff45ce21e0af960b8ff8101495cdca47e63d","ssdeep":"6144:4WW67gM3Q5ss/10nRyw5V46IhmxEopl80:HWzaQ5sQ0Q6Xp","tlshash":"184412f4b20ae26d07969938ea0c9b45d656c3dfb08b36baf98f5046259ff314479c03","first_seen":"2025-11-30T14:17:39.769779Z","last_seen":"2026-06-17T16:21:16.823443Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1708,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":1228,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0d93b8d8c30e34b77afa3a8b564727fdc.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.695Z","timestamp":1781706203695,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0d93b8d8c30e34b77afa3a8b564727fdc.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 35456\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDCC78BAF37384BF749\r\nAccept-Ranges: bytes\r\nETag: \"1476DB13021F28F76DA2006A45212545\"\r\nLast-Modified: Sun, 20 Jul 2025 18:50:18 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3750828838912111142\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: FHbbEwIfKPdtogBqRSElRQ==\r\nx-oss-server-time: 18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":35456,"size_decoded":36032,"mime_type":"image/png","magic":"PNG image data, 652 x 651, 8-bit/color RGBA, non-interlaced","md5":"1476db13021f28f76da2006a45212545","sha1":"962eccf056ae2b9eb897a76363d1e43b8b743b20","sha256":"19dc87469e25a55d506f1a3cecbbd7a88c1cd01392384adde04749642492bf5c","sha512":"81bebdcc1c8cf8b8317e2b9de11bed0a1bdbbb7f7a6900ded26e5df992c7bea42e63c7953c8325ede83f36b106bb3f4bae327052e4997b254b54c009e8e261d1","ssdeep":"768:oJG0313ZxRicxeP1cLUPbndgZ34d+HQbqi82jPipgLraZi5fLvBeCmCmCM:oJGuMcLU7Y34d+wBrimaZilNeFFL","tlshash":"30f2be05da91156253e0fe928e8b0f99ccae3c5b7c5f1a09478633eb20bb7dc5a4607d","first_seen":"2026-03-14T09:22:23.957816Z","last_seen":"2026-06-17T14:23:58.058049Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1098,"timings":{"blocked":-1,"dns":0,"connect":266,"send":0,"wait":295,"receive":0,"ssl":536},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/XRP.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.697Z","timestamp":1781706203697,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/XRP.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 2274\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDCBC6A5B3233D13A41\r\nAccept-Ranges: bytes\r\nETag: \"674B0999F6083084A2A4B1D8B20F3BC1\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:52 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2919851811578833622\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Z0sJmfYIMISipLHYsg87wQ==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2274,"size_decoded":2822,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"674b0999f6083084a2a4b1d8b20f3bc1","sha1":"8d14a526e83604e323723b4d25f8f8066f1ede70","sha256":"632f9cacb6b3fbedece774a8d27c436f37dc359de3bb0872ea19603b70347708","sha512":"4c04d137c2448c0d52a4298c858f95c58116c1d77e75899f5acdf6bb61ed839dbdc99fd5556eb63793b81258de40e515540acaeab007da76664476c9be2e514f","ssdeep":"","tlshash":"cd414bd7c53300ed9128e735b8c3ee819c00628d183bb46b89f5ec60b2346d31a53a98","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-17T15:51:26.229163Z","times_seen":653,"resource_available":false,"data":null}},"time_used":1097,"timings":{"blocked":-1,"dns":0,"connect":272,"send":0,"wait":277,"receive":0,"ssl":548},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Frame%202-5VaDbG1-.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.728Z","timestamp":1781706203728,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Frame%202-5VaDbG1-.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1656\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qfmrqYk5YvTH3egvykxYAK0tIklGasg7w6vWOui6iJHCzki8zHuJgZidhiAQcLgVcOhBJlqph%2FfHoUvDJGQvUZ9J386KRGzBn2WSNUMhUIsU%2BQPAydPkCC%2FgqsznSio%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d4a5032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5718,"size_decoded":6469,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"5f758e18ae5e7982ead7774e8a97ef13","sha1":"a304ce7a8d6956e37c1ea3d82f6f973eb8233e90","sha256":"d2655ed85d2e3cf091024f70ce46667738e6b870ad988c9a5f8b12b0d0313951","sha512":"b3fbe74ead16f03b6546cf946a1618a78bbb6e55cc45f88c75373d12ad1de1ee4175b3657e90db6157edbee31e568f92c55f851db5cd548b8b1e79d28ea1440d","ssdeep":"96:4Sg5i+RYQPkBi5/bYtii54JP9UN/z+VVyxhSxlUXIiHDo+/aAX3+v5f9C+zEJ/Ot:4SAGxBc/vrGN/m+Sxa4Ao1A+Bf8tGl3t","tlshash":"39c19f8863f4c66000a04169a9d1c3af560cf5df01edbf947045a1d518eced6ee26efb","first_seen":"2025-08-26T17:46:37.251652Z","last_seen":"2026-06-17T16:21:16.832395Z","times_seen":93,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-KLzjwogF.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.867Z","timestamp":1781706206867,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/index-KLzjwogF.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-ba51\"\r\nexpires: Thu, 18 Jun 2026 02:23:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TOCNxX0z%2B8DvartHsNWCcjgx02Vqd8yhD9BDvyFBCFkgjlMBOEU58%2BfsmGZF3P8RZ5Z3ZZ7%2Fp3Zb%2FoAfyXusGFU487GqY%2FeVjFTZW58QGrCz8Tmd7cOLfamaYNU%2BQzI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650ef1532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47697,"size_decoded":10586,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (47696)","md5":"4540662d6e546b4f9353d0a3f9007946","sha1":"bea5ba321a16853219437cb738d28a5b511c5f23","sha256":"807e7449eef34b97de792092e35387278e00d51af043d284fda6b08c9a777cbe","sha512":"bd1002895d0f976ac9e3ffc9393975b97320291cf55e0538dd193f8acd901c744d3ea74785209462a2c75801e77e165aee6bfb48017959afb7102ec8a2dc5cab","ssdeep":"768:2F40rUC3AsTTEHfjiJo1DHpIh9RzpsSWGhC19pLln0X3fcUgkKq93:p0rUmAiGs+19pGn","tlshash":"5923832cb012cfbe9653193162ad2994e1497feec616c80af1bd18233bc2ff05e56765","first_seen":"2026-06-17T14:23:58.06087Z","last_seen":"2026-06-17T14:23:58.06087Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2749,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2749,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/index-Ccr7pMKG.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:18.559Z","timestamp":1781706198559,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/index-Ccr7pMKG.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:19 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-375cb\"\r\nexpires: Thu, 18 Jun 2026 02:23:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MscIzcFkq3WUqsXl%2FYv%2Btu2jB4EpmEEzZVRSNxWkKr8PDUSIrBvHf0WmkC9ieivfhUj22qliZ%2BdLfaZGB6OAfW8C3%2FV%2FFSrM8aeIhGuPN5c3SYtJF1qS7DeNk6FKWMk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b61cfbef32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":226763,"size_decoded":44505,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5cd36f9bd58ba003d04677478e5a2407","sha1":"bf73b20ad16033cabb9b0471ad1af12697bd0f6e","sha256":"da626e5bcc2f783fbf2d72cf7b9288af36df6fe7291007ace75571125276cda9","sha512":"c2cc1bba1d71a952709b47cafb534a2154d27ca79cd2610990d1281200d5abf3ba62ac3a9ef0e5be21558e44cf63e24b67707b00f8f94eca990e0a94ef3bc110","ssdeep":"6144:XUExgAtraQez/J6ijqI+ChRk1Cfvkauh/XJ1uhE79QQ4R8eo+Qkq7sIZ36:f+9Ic","tlshash":"5a2455bde28904e63b36cca6d374778e6039f6b1c9955d95f81b501cefc33a10682a78","first_seen":"2026-06-17T14:23:28.196692Z","last_seen":"2026-06-17T16:21:16.888514Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1077,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":843,"receive":234,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.like1688fire.cc/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.722Z","timestamp":1781706203722,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nlanguage: en\r\nlang: en\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://aiinvest.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KqdFYp6JKbgB00VI7zyoyPXixalN2zzjBeZEVDd3IZgWAURmMt1geyTIWpolyxxByfXswzMwGYakTZPr6jCBggFE4orH%2BBYh2HyoD32RW5bhT47fZCYLzQLHOgDDyz46O1ruFjzTH5So\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63ebbe556a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2434,"size_decoded":1986,"mime_type":"application/json","magic":"JSON text data","md5":"b4c9bd0d3d6d71c4eefa81feee23954d","sha1":"105f98507004a417d47feb40f8696da76866a5d4","sha256":"6971e165a2d960ddc328cd1a88d153a114c0c8ce1cc090cae4a52362e25ef91f","sha512":"ae4b50376728bdf544729932c786f94158a0a09239c688b0502a645b1e8963054375796e46a4668b82e819916a3a233089798c1739b833663184ff7cad4ec7d1","ssdeep":"","tlshash":"5e410d8f23688f75084614c326ed7ee6b36e525b86218c380556cfcc83f1ab9176b640","first_seen":"2025-08-26T17:46:37.257503Z","last_seen":"2026-06-17T14:23:58.063788Z","times_seen":15,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.like1688fire.cc/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.744Z","timestamp":1781706203744,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://aiinvest.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:23 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://aiinvest.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9kDY70qJN7GxuowD1lN7U0WX%2FTXPwiMrHOig4vkVCjBtsNF2L0ud8WjzfPa4HivsuY6mh%2FrJ04YYA6el%2BT0Baag8wVuULUAgvP4n3wzK8iDtoLHZxyUd9HWu02zqnvQgA1tCLCvSwaow\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d6bd156a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":923,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/remixicon-BVvFtaex.woff2?t=1734404658139","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.753Z","timestamp":1781706203753,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/remixicon-BVvFtaex.woff2?t=1734404658139 HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aiinvest.vip/assets/index-Ccr7pMKG.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: font/woff2\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\netag: \"6a313a19-2b2ac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UlNogHvqjr8Y0R9IR8HsUWb%2FErcifTsfSiqWxUIopH9nrXTS%2BdmHBNCNojck6nSLWRn6N27%2BmHIJlopfKmBlg3CzVtvsJlsZy3UqDaGSCXkISyB1C9Yx1tKaxZez%2BHY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 176812\r\ncf-ray: a0d2b63d7a6632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176812,"size_decoded":177550,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 176812, version 1.0","md5":"9f0118b43f57fc3ea9f55bbfb3a3b185","sha1":"f3ec7500bd2c615bba2de885d46bcaa91c20aa9b","sha256":"7ea90bbc7c505b98dd7d3a089a6fa32067e353150192951cedb05e26820936cf","sha512":"6a17cdb1c39d1638a2e69ac8c9cf15229d9f64ce9026965dd8e8878700994fd1db65f21be31e18a49ec36e0b0ca522d05ab7f3884b21a022d9ccde9795d0baab","ssdeep":"3072:8oI+omjEjOiEHbaa4yYDtZimTAj2QdJohF8EBGWXsL1u:8r+5baa4yYRTw2Q8C48g","tlshash":"300413f0eda0d72cd9c7fc12f48db606aa9c579475f790901bb0fef869ca4a8965c420","first_seen":"2024-12-20T14:28:38.376296Z","last_seen":"2026-06-17T18:09:28.712905Z","times_seen":2030,"resource_available":false,"data":null}},"time_used":1055,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":531,"receive":524,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Register-sU0WBz8v.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.848Z","timestamp":1781706206848,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Register-sU0WBz8v.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dWwU7pJ7JCf37VGmF7806%2Fw9LOZwEvaqxpg93L6hLUyS7d1rztDK1o2lxh%2BjEsC0fB%2Br9KPmPwWzcooBeBqoFnDDF5GRDqKtYyKOGAciLQuBkQAayaihonSz58awJJY%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a313a19-bd\"\r\ncf-ray: a0d2b650df0d32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":189,"size_decoded":898,"mime_type":"text/css","magic":"ASCII text","md5":"4973e00bf6456582a1ad1c4bebb670e9","sha1":"355d9c6f9e4bc05009b9052bb10b4157cb7d784f","sha256":"e9817a5b9b7fbceadde4627482218bf007a218e37820939fe18f44b3b8093116","sha512":"e7778122384be9f23b1a74c56d4beefd4144d8e6cc4e9b042a02f427c1d7d521ad8fe9bae5a4b6782996e7fc6de9677aa867b15ad3e841ce0a62bbd67ee4be54","ssdeep":"","tlshash":"9ec02202801e703a22afe39410a1828c002473efac320aac6f00310083caac0224e3cd","first_seen":"2026-05-11T12:41:59.433718Z","last_seen":"2026-06-17T14:23:58.066509Z","times_seen":16,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-CffuAbgj.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.855Z","timestamp":1781706206855,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/index-CffuAbgj.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-52290\"\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FnalDUe%2Bu%2F3I0TJgAeSXTBw4R9GlszxIRatuWrWiACDrlcsmGzmDC21fYJL2gkYDHEB4ibvn4bjQRQ6zUXHsJzyQ60%2FUkW%2BQgybcsi2WJ1urf8lMcBlnLpV6imD5VJA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650df0f32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":336528,"size_decoded":117252,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"f9f39a1a9f363be4198afd85042a5c6a","sha1":"19e3db562e9757892263ccc89960f001c45bd74b","sha256":"f38a3937a0db68af00756a6b060ebd0e259c8ef326a776033ad51c656a4e319b","sha512":"c941b6daa9febb7f4b054a8379138d0a1a2a4af73aa92ceac20516e70fce06530bcd6cabccac92db3049d1c6fc320c35d7a42c37e1f04a0dd028ea83d042245e","ssdeep":"6144:Vi9HsAKse+bX6hWtMseNYsxsNekvP61jTXLehPWf5+niXmhS0hHbYYl4UmtsRcXz:sHAse+D6hWtMseNYsGNekvC1jTbehPWp","tlshash":"d96419847252b23a83f305a2543e4405e2257f88b507c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-06-17T14:23:58.067182Z","last_seen":"2026-06-17T14:23:58.067182Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1046,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":701,"receive":345,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.043080b4dc709421a87781c67f84f316b.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.681Z","timestamp":1781706203681,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.043080b4dc709421a87781c67f84f316b.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 140059\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDC8B90443132148EFF\r\nAccept-Ranges: bytes\r\nETag: \"5DFFF9593B60761C2D121460ACFF9B10\"\r\nLast-Modified: Wed, 17 Sep 2025 05:18:41 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8499191405705657414\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Xf/5WTtgdhwtEhRgrP+bEA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":140059,"size_decoded":140635,"mime_type":"image/png","magic":"PNG image data, 451 x 451, 8-bit/color RGBA, non-interlaced","md5":"5dfff9593b60761c2d121460acff9b10","sha1":"2158f616eb05feb49ed99e8218db0f7791da38bb","sha256":"572982c291b9b7085aa08abcfee0cdda058d11d70123fe12211ae91a544b17fc","sha512":"33afdab60be985b15955334ca44a4b0ed3813c5611020d11a7c65bf91513fb5fed2f86127641bd04f35887ae376e348c12cb703dc8f5e00ca09f249de54af6d7","ssdeep":"3072:fSMBh9i++jqapKsgfYc/P+1SQ+x8I6mR92lx8v4fD321TpFdC:aMpyqaptc/SSQfK2l7LGfW","tlshash":"bed312e6e3c54eb513db32236a86c8b4822f14002bbd7545f616d6dfe0c81adad4d3e9","first_seen":"2026-03-14T09:22:23.981896Z","last_seen":"2026-06-17T14:23:57.977071Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1687,"timings":{"blocked":-1,"dns":0,"connect":278,"send":0,"wait":291,"receive":557,"ssl":561},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Low_7-MbUCZvwK.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.739Z","timestamp":1781706203739,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Low_7-MbUCZvwK.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1434\"\r\nexpires: Fri, 17 Jul 2026 14:23:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oA0E53%2BEyjp9WVOXEkuobXDTnQhhgeX%2Bp1Aue4i6ip2ZTn2RB3PMXRCD%2FboWa4UrbA9TtEQLu%2FPKGDbgchVPQ9ZwE%2BkH32%2F5ZCuurS41dmXMzju8XMUQ9%2Bp%2BcjhghQU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d5a5c32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5172,"size_decoded":5936,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"e38075ca6aec6851335c8a616c6f9496","sha1":"8152c7c77e00e84bfbf7d6f39fdded8ca7ef7c26","sha256":"6a3049f60479030d5b33caf22b842537e58c8dc871bcdfc6db2662c4edd005e1","sha512":"e5daec0492c9a3d5190d6722f142b72b6e855d97ef773601fdf8357c498ac740e7adec9a209221dec86b9d9ff6c5f4b17d729e80598d76ce858827b966aea75b","ssdeep":"96:8OSiMd9yT+70vrsi4pKQsMRjUUBdFvVhLf8Rbk/6jJ5qVVwVMUVycXg:8OSiM7xq/cRjUUtLURb7jvpMYXg","tlshash":"33b17de6e9f51f410ed83cb149fe70aede5bc07960a27e1c3468aaecc5254e38ac0941","first_seen":"2025-08-26T17:46:37.24529Z","last_seen":"2026-06-17T16:21:16.847693Z","times_seen":93,"resource_available":false,"data":null}},"time_used":3079,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3079,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/index-yBDcZlz1.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:18.557Z","timestamp":1781706198557,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/index-yBDcZlz1.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:19 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1d7eaa\"\r\nexpires: Thu, 18 Jun 2026 02:23:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oG76yYizOTX%2B4U9GAX4jFs43znUYRKzRuuGjiL8HLWz7xfP2hdnCbSKRyCr2Gv9wVDWeE1GN2mP8ID9hQVorfQuem6bkLDU3b%2FsnNZWj1rgwxkj9rjsiBEKI4nTGRF8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b61cfbee32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1932970,"size_decoded":668412,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33325)","md5":"6a67f93a4ae34adfc6dd542c1e11c082","sha1":"33397c4179f075b205a9dce21dde36c117c1d33a","sha256":"df3f122c66649c19984325811f6ff6ec2114b62c911840045ada4ec90435a029","sha512":"9ab52d067fbea6084613924ee83907109b9b881e3872838eb32f1f8018662e0e8d0f6b10e14de46633d21a68c5d1104c603ae6b9352ee3d974207fa28448f7f2","ssdeep":"24576:v0ttEDk+tnHLtb9NbVG0aX8g7knPnjjejTWlWuPtB7:v0ttEDk+tnHLtb9NJdWgnPnjjejTWlV/","tlshash":"a5256cd8b682f06107e755e540bb0006f3397e157449c0e4f6a999eb39a9e9ca273f3c","first_seen":"2026-06-17T14:23:58.069364Z","last_seen":"2026-06-17T14:23:58.069364Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":774,"receive":768,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"wss://webapi.like1688fire.cc/ws/bfc7c569-6c4a-4ff5-99dc-34d4cf52af6b","fqdn":"webapi.like1688fire.cc","domain":"like1688fire.cc","tld":"cc"},"ip":{"addr":"104.21.8.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.685Z","timestamp":1781706200685,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"like1688fire.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 22:45:13 GMT","end":"Mon, 03 Aug 2026 23:43:57 GMT"},"fingerprint":{"sha1":"55:D7:79:1E:1B:8E:4F:F3:2D:BD:0A:D6:36:D4:CE:73:BD:31:5E:10","sha256":"35:50:D0:2B:F4:72:56:1A:69:41:E7:46:04:EC:C3:4F:D7:40:66:AE:E8:48:F9:79:00:52:CD:BB:59:7A:9B:3D"}}},"request":{"raw":"GET /ws/bfc7c569-6c4a-4ff5-99dc-34d4cf52af6b HTTP/1.1\r\nHost: webapi.like1688fire.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://aiinvest.vip\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: r6FngrWJnYFUCLWD9ZnCrQ==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://aiinvest.vip\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: wrDR/CaVJh2jGwEEdnEAiejdh34=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CarGmmyrDaSGGATWP4ME9d7iDjdDo969Pp0cPEQfmT%2FXynAGhJ23EbXTQORceWdBoJpWTxowJhRx6aO0oBKy5Ld5%2FmDK9rq9ysnumJ7XNRBnZ0FJRwwAd6CarUfNG0%2F89cwt4LrrA2XZ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a0d2b63e3ae235a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1156\u0026min_rtt=1121\u0026rtt_var=378\u0026sent=5\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=3196\u0026recv_bytes=1370\u0026delivery_rate=2891119\u0026cwnd=53\u0026unsent_bytes=0\u0026cid=c715da2ac7ccb515\u0026ts=599\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":1077,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":6936,"timings":{"blocked":-1,"dns":3180,"connect":3154,"send":0,"wait":591,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/bg_1-BEkGORMz.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.676Z","timestamp":1781706203676,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/bg_1-BEkGORMz.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aiinvest.vip/assets/Footer-kqO8xzJ8.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-1b1e7\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9fCwPm4MW4hfxOs2jI2ohbmyLB8Uc6%2FmBrI1BIBiqU059prgnUwIbz8LCXU9BBHNd3rC3PQwgamZ9lLNOHdqf2BVUaOoxmygym4r2fWhGGv7Z1PLv8cj%2FwWBqWailYI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63cfa3332fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111079,"size_decoded":111609,"mime_type":"image/png","magic":"PNG image data, 1920 x 223, 8-bit/color RGBA, non-interlaced","md5":"2667011e3e80bffc8f53b439e07ed571","sha1":"95f1f9ca0d80b2a0d88b15e41ff4c0804eecbd86","sha256":"71512d4d03b324477cbaa139206155fb48617658908eb7309b2abcf7691c9258","sha512":"d3038c24866b6edacd3c1e24f83285f7a03cb14a00552290d650042c6977ada5c6ecd88e9cfb85ec027398e450aa6b1718837198f2dd070d886049d31ff041b8","ssdeep":"1536:ZeZbH5ZJim+F0K+MQpgatMdAt8SgQh4LDyOBhOHQSTUFN4DoY84bAGB8d8Zf3p75:4Zb/JipFP+btwP4uFwQpksCBhpwvIqYJ","tlshash":"8ab31284374f43b9c666bc2d4c0fb950b7a68125b124ce84dff78417716aa3e8f89e61","first_seen":"2025-08-26T17:46:37.222479Z","last_seen":"2026-06-17T16:21:16.864123Z","times_seen":92,"resource_available":false,"data":null}},"time_used":1403,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":890,"receive":513,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0d2526eb5c99542cc8ab5e2cbdf1e4ee6.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.699Z","timestamp":1781706203699,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0d2526eb5c99542cc8ab5e2cbdf1e4ee6.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 168688\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDCCE63A8383147F26A\r\nAccept-Ranges: bytes\r\nETag: \"4C5734C3C668FE8734D7ECF70296E7BE\"\r\nLast-Modified: Mon, 30 Jun 2025 04:15:59 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 451474971542513682\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: TFc0w8Zo/oc01+z3Apbnvg==\r\nx-oss-server-time: 12\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":168688,"size_decoded":169264,"mime_type":"image/png","magic":"PNG image data, 617 x 628, 8-bit/color RGBA, non-interlaced","md5":"4c5734c3c668fe8734d7ecf70296e7be","sha1":"c65176bfa1c22c9f98fbecc5e0adb55392f86558","sha256":"b1e1e0300309bf1fc2adf449101d9b84ae8ba0dc643582349f96405f34e67729","sha512":"c8815f6f23b98e10144dbffa434c270fdba5f00461d91c68ad79a55d14f5c76efee91f857b845543c3af2125d0b9de217a5d7e4de42cb9dbc19697030ec6ea53","ssdeep":"3072:rumpfsagYAbXbEjRP6EMgP9s49PYsyJN3L2AC0d8QbOH:rVfsd/E9SEZN/kNb2AnOH","tlshash":"79f32386546825e85f86b4e0f172f55401fff573c568789cb088e22e67c727a2e12ee2","first_seen":"2026-03-14T09:22:24.012777Z","last_seen":"2026-06-17T14:23:58.07143Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1907,"timings":{"blocked":1071,"dns":0,"connect":0,"send":0,"wait":293,"receive":543,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Frame%207-Y2WnO9cd.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.730Z","timestamp":1781706203730,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Frame%207-Y2WnO9cd.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-10a7\"\r\nexpires: Fri, 17 Jul 2026 14:23:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Egfa0XSifDyniQQjwtssUWJL3d4ujO%2FrEIvRDZ8yCrDksQWKbHRKI7zMFGhT%2B45zeWlt%2FjIRkU76aOOsrRdl1tyTlecSQHfn%2F67KH6v5P8s693g7LjZb09IigaLw9Ww%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d5a5432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4263,"size_decoded":5012,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"d5e5104db484a25110af449819dfd7ff","sha1":"d71c6ce1c4710fc41fd1c7e3528f71ef71cc6232","sha256":"19b5705c4832fd650e2dfa032ec9c31ae647eb51a7cfb6a8bdf91dfc3eb048b0","sha512":"4579d3e6605dceceb2d3c18ad431ad534b51f3a3a4f40dbee08820407dc3f97ce488136b6709675e6a84d6c58427a923d33fbd4ecaabe8aee935af183186c204","ssdeep":"96:4SqIjc9/X4edqkPCETKZ2OC+vk+YLoQh9skSY6gS54+rQ+:4SqIjc9/oe8kYZpV8QQh9ZSYc5xD","tlshash":"28916dc0bffd596ec8c7e8e4e585a48b6c7724acec5dc1088c71892e8575e331262b54","first_seen":"2025-08-26T17:46:37.295193Z","last_seen":"2026-06-17T16:21:16.825499Z","times_seen":93,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/index-EIHkOClp.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.868Z","timestamp":1781706206868,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/index-EIHkOClp.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-b4b\"\r\nexpires: Thu, 18 Jun 2026 02:23:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kJsgN01ITuCOAFqI5crsivO24A%2BRqE9SvTcN3yOCZa960rNFFLyD%2Bvt3HlPYDuRmpgbv%2Fqup1TP3HyVud%2F8aG0PSnT21Q5hd2jwnHRAKKH4%2BPfe4O6%2FVloYgGinAt3Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650ef1732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2891,"size_decoded":1697,"mime_type":"text/css","magic":"ASCII text, with very long lines (2890)","md5":"e2b71aaebb70e9b9a075538d0128b339","sha1":"d90b32889e7723efe1ee56f5c0118a45e31e6d2a","sha256":"1aed0258b2de3fd4ba4a2a34ffa712c6d042a2c392dfcc99ae702f4497b003f4","sha512":"18090fe93699109079a5093e809991bfe165954b651f7dee5b66b65173ae4ae1720c469c7ab49cf484140219250698a1c44459b031f956d55c7c41925da1aa46","ssdeep":"","tlshash":"e5515424b86841f79f7b936060e0470ca93d72d3df5627bd6bad11142bcbbe42ca2404","first_seen":"2026-04-28T09:02:56.135178Z","last_seen":"2026-06-17T14:23:58.073103Z","times_seen":31,"resource_available":false,"data":null}},"time_used":3300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_core.js?v=1781706203372","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"172.67.199.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.374Z","timestamp":1781706203374,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 12:14:39 GMT","end":"Wed, 09 Sep 2026 12:14:38 GMT"},"fingerprint":{"sha1":"87:B1:0B:09:14:03:BA:0D:13:3A:69:24:42:69:39:14:CE:15:CC:A9","sha256":"75:2E:E1:20:28:29:02:08:57:B1:91:A5:26:58:85:E5:28:6D:C4:30:D3:8E:6F:64:EA:CE:37:73:8C:B3:78:CE"}}},"request":{"raw":"GET /js/ai_service_core.js?v=1781706203372 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Nov 2025 06:22:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690d9033-44d2\"\r\nexpires: Thu, 18 Jun 2026 02:23:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zB1yqIscB0buajxNrYsmsRH4iww5Jm%2BCMW%2BH%2BdVPhQymcolXHK11%2FHSEsvWKLpLJD97Kh9jzuT3NijNxC7awTS3PM2aFHnrFcnqtCkW54KXcbH4SLQU2lT9gFQ%2Fyi1RM8Vm%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63b1a6a0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17618,"size_decoded":5272,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (496)","md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-06-17T15:47:22.949985Z","times_seen":109,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0faee608845cc4b4b9c961fbd0474f1b5.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.702Z","timestamp":1781706203702,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0faee608845cc4b4b9c961fbd0474f1b5.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 102705\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDC7CD23C3633C40E56\r\nAccept-Ranges: bytes\r\nETag: \"055EC81DE6B009966CAB2AD9E1ADAC88\"\r\nLast-Modified: Mon, 30 Jun 2025 04:14:01 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 707856996214351869\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: BV7IHeawCZZsqyrZ4a2siA==\r\nx-oss-server-time: 12\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":102705,"size_decoded":103281,"mime_type":"image/png","magic":"PNG image data, 543 x 543, 8-bit/color RGBA, non-interlaced","md5":"055ec81de6b009966cab2ad9e1adac88","sha1":"d7336ca0a0e29b1babb26efec5825deac50b3fdf","sha256":"e86c2197156dcc79bc9dcc7e9ced586b7634ab0f2cc45e9b9524ed39bd29823c","sha512":"63bbc840794ca70aba2cc2dcb7c9d1d45a6eedf10638ad2034b7823d6c16853dcd9cbc777c64c7587890aeeaadc7ee98b85aa23bee7890140cb00d5728078b4c","ssdeep":"1536:/jQtOufT2jfePwt0JYjnPTprTbyNlIMKu576tlUGB9WMoPz6W6YlQ3CHqfnvnf26:/Utzijaw+J+rT+wy5mDU+0Of3CunvfEW","tlshash":"a5a312d360b1906a61cc67317f77cd1a16ea61c8882223cd14b7d96fac63182944b7ff","first_seen":"2026-03-14T09:22:23.987511Z","last_seen":"2026-06-17T14:23:58.074629Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1666,"timings":{"blocked":1082,"dns":0,"connect":0,"send":0,"wait":293,"receive":291,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Low_1-6m8ONw4C.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.733Z","timestamp":1781706203733,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Low_1-6m8ONw4C.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-162e\"\r\nexpires: Fri, 17 Jul 2026 14:23:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RIwKsO73CuMA2Q77a9Cd1ROzCZqC6Xqg%2F7c%2FHqKcg3cDZuB6jb2wbWKLm3PKRVe6RUBnzWBWyk0J9Ed8H0cib47IMIxs%2F%2FDHOyl2MBgZOJEK8iayHWgABPB8hupHE9Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d5a5632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5678,"size_decoded":6441,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"5103c807ea33c534b2710ac6d158b293","sha1":"791ce9f7dab4d0fa9e1c68d9295fdbec555d599c","sha256":"f703e9a83bac8e20f95f9efab361f7d5490d3c1fc71990e0ca7d6b873a7de8f1","sha512":"5af38160b36582ae82b65694d8d559f71c505dc98e0045cafb5dee8674156a373f66e5e0901ed688f6c00767344a6f5c0f6e141ce914c8486c1b3041331bf2b2","ssdeep":"96:8OSaygjX4v9yeCz+ZZ68HHk2fWXp3+YdG2K3yZ178HnxmDZZBnDuS2:8OSco/LZZIwWd39P8HnKDU","tlshash":"4fc18cce55b2d9dcdaa41fb8234560381929e197e010bc02c935bbd42dc4509eeece3f","first_seen":"2025-08-26T17:46:37.287888Z","last_seen":"2026-06-17T16:21:16.810863Z","times_seen":93,"resource_available":false,"data":null}},"time_used":2827,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2827,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/starslist-YIJi42t6.png","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.742Z","timestamp":1781706203742,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/starslist-YIJi42t6.png HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-569d\"\r\nexpires: Fri, 17 Jul 2026 14:23:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S2uh4HevUhmpkFeUaApvZTi2hvTuhsi9VfvpOkfX%2BcpbK6C2ThMq1NyV5bjQpue4xxQOwucpmEucp2vP59ZVlg0Un%2BtQiDRgyynynpfgdDWN%2FIiN0mWwk%2BXihBNy2fY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b63d6a6032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22173,"size_decoded":20077,"mime_type":"image/png","magic":"PNG image data, 2148 x 417, 8-bit/color RGBA, non-interlaced","md5":"78382c82dad9a7dd50655f44fb82f743","sha1":"5cb4a13ba952deeec34e3c4a5f0a1a424efb1cd1","sha256":"3bb15b8fd045ea090c833d5cdce05e097a4f9556f1a74b69232968b505895609","sha512":"f2297ebeeb0a47f59cd03b6b6079b3ad6c54aa1d585416a38ba5220a0a3a34b64a63f70b28460c34739441ba5237dfc5f560adcbdb00cceb83e5508197f687f2","ssdeep":"384:JojM6hkS9bZoCrjbih/rDyNRNMlOuDZ5lxYYWZLesJeDQu:YRN3iZrg3KOoZxqODQu","tlshash":"7ca2c01a9a5eecb1f92cf0313a834d30e9694452bde0c339b542c105feab4bc86b61a5","first_seen":"2024-12-26T23:29:40.083923Z","last_seen":"2026-06-17T16:21:16.818409Z","times_seen":81,"resource_available":false,"data":null}},"time_used":1438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/login-bg-CtTnvaIr.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.834Z","timestamp":1781706206834,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\npriority: u=1,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6j84%2F%2FA4I5LV155u%2FjlzfWqFM2QLE63ZHZlZ0Lkiy0gqYKzWTxF%2BnPn745FlA2Us32%2FSRiSLiiHtTlPYGvFnQh4cp8xxqbKu7tlPuHy4vqtzp7mbgwi%2F6eI%2Fw9vvaGw%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a313a19-5b\"\r\ncf-ray: a0d2b650bf0732fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":873,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-06-17T14:23:58.077161Z","times_seen":75,"resource_available":true,"data":null}},"time_used":573,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/Login-B_SJkevf.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.841Z","timestamp":1781706206841,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/Login-B_SJkevf.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ki9TQnSrE1YiiWww2ZAiuhyWnST2oOGpBSzOelP2pdBf6ZPKHKggKGTCAxLkGrTqtzOqXTs0uaUTBXixX8Mi7AC86bxh4zHMXlq7uZ5MVV%2FsHKtqkZIYGOwTVkoljdQ%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a313a19-e5\"\r\ncf-ray: a0d2b650cf0932fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":229,"size_decoded":880,"mime_type":"text/css","magic":"ASCII text","md5":"bae627bf13d569007ee014e7d11dd7c6","sha1":"b4351e257b02d016d18e9dfffa5a140f2fdbf144","sha256":"aed61187cbecb64a4b81f27208a0f93dda0961b46cb91cb6d6519def51cee05c","sha512":"77784ddbb35fadd017a3fa5b153e82e690d61dc49e698369fa33cc6bf98bbb84f9607b94cdf6a645096fe5fb32e957e6d9a46017fc2a5303a1146275a1a1e738","ssdeep":"","tlshash":"89d0c904755e142189b7866058d1c9980aaaa3d3363b88a833c356cf6f8325a642f5c7","first_seen":"2025-08-26T17:46:37.226419Z","last_seen":"2026-06-17T14:23:58.077837Z","times_seen":75,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/js/CreateOrderModal-D7uIbsK6.js","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:26.858Z","timestamp":1781706206858,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /js/CreateOrderModal-D7uIbsK6.js HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a313a19-3f90\"\r\nexpires: Thu, 18 Jun 2026 02:23:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=1,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PuUhdr5z5cFnvkJu%2B%2FPio8%2BE4gBdrylbcCIXFti68IYpx5zMuxoJYIGeKrTUdcdCKDnX4PngLVMuJyz3Rhc1RtsIhXsnsB59QEpG5yetEuEZEX6TFoeJ7MIfxa4j2rE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b650df1232fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16272,"size_decoded":5364,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16271)","md5":"c27dc9e54a38bfc98bf701ba049c1f94","sha1":"8fa591144d3fa086867e805606a7ddeb17c09861","sha256":"7608044f895a176199085cbe4eda0bf80bb5dc8efffaed76d355128535b7cbcc","sha512":"232cd74ce340777f6483a4825bfae4a2982878a638af8207e9bd5bc210a4ef46c80a2ababf4a0fba20135feb0e4ba260af3157a737a883515628b5a794794736","ssdeep":"384:a5bMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:aBMuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"e272d93c70d0c9be9473d176a2cd68244048bfcfc6625bcef63de66415d9ca16725a2c","first_seen":"2026-06-17T14:23:58.078459Z","last_seen":"2026-06-17T14:23:58.078459Z","times_seen":1,"resource_available":true,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aiinvest.vip/assets/ForgotPassword-tn0RQdqM.css","fqdn":"aiinvest.vip","domain":"aiinvest.vip","tld":"vip"},"ip":{"addr":"172.67.198.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:20.708Z","timestamp":1781706200708,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aiinvest.vip","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 15:33:24 GMT","end":"Fri, 14 Aug 2026 15:33:23 GMT"},"fingerprint":{"sha1":"18:24:9C:3D:AC:BF:FB:31:AA:33:88:A5:79:52:CE:DA:B7:65:AC:DB","sha256":"DA:A1:3C:45:E6:17:A6:32:34:DB:96:9F:9D:68:45:71:41:29:22:B3:0C:34:18:AF:7F:13:B4:7C:10:BB:88:9E"}}},"request":{"raw":"GET /assets/ForgotPassword-tn0RQdqM.css HTTP/1.1\r\nHost: aiinvest.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 14:23:22 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 16 Jun 2026 11:57:13 GMT\r\netag: \"6a313a19-0\"\r\nexpires: Thu, 18 Jun 2026 02:23:22 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HV1rluZBh2X4Lsy%2BBZYFopLQy6zkZPIMGZDORVLnjMlO0H%2BbWtH5ibO1dTcIW%2Bg9aMA27GyfdqA4a%2FjFdoNfJ%2F4DodoTD7CypvQefJqFeQILwULUkpfY1b24iReyFws%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2b62a6eb132fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":750,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":1578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1578,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"aiinvest.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"aiinvest.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/BTC.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.210","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aiinvest.vip/","date":"2026-06-17T14:23:23.691Z","timestamp":1781706203691,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/BTC.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 17 Jun 2026 14:23:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 2691\r\nConnection: keep-alive\r\nx-oss-request-id: 6A32ADDCCE63A83831F0F16A\r\nAccept-Ranges: bytes\r\nETag: \"2EDF1EF8B333C40979976D1A49BC234C\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1939274224005843766\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Lt8e+LMzxAl5l20aSbwjTA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2691,"size_decoded":3239,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2edf1ef8b333c40979976d1a49bc234c","sha1":"d75ac12795b4a9575c874e1b190712cd62a87afc","sha256":"50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9","sha512":"f697a1fa0786316fc01003f72621920932e2657e4acf5a471e35d02717c42c9db5a12df311895a776a563dcae9b8fc0b6721833529a054b9dbfff4c52fc564d3","ssdeep":"","tlshash":"2b515ee60252267980d32438616db1e178beabb2c3021ded6c1444954acc4b62555cfa","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-06-17T17:56:01.330354Z","times_seen":21780,"resource_available":false,"data":null}},"time_used":1089,"timings":{"blocked":-1,"dns":0,"connect":271,"send":0,"wait":272,"receive":0,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}