{"report_id":"d60d7203-7c94-4a6c-9e97-160bb9b72f21","version":6,"status":"done","tags":[],"date":"2026-03-02T13:31:14Z","url":{"schema":"http","addr":"inventmoney.icu","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"172.67.197.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"inventmoney.icu/","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"title":"The Invention Network Claim $INVENT Points – Official Airdrop Claim Portal | InventMoney","dom":{"size":25048,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (25046), with no line terminators","md5":"b5c172f19c1a19495108e1fc18505bbc","sha1":"128fa1f013ae94acf127689c192c5783a20d15ea","sha256":"63bcb1b4428c95e97ebe2a5647e7a19e0fce3cef648957d0a3e20ae3e724b252","sha512":"fa0fd93fae16d0f6a3cf7e9f96fee92d3544e4c4a75c6ff4133a66f0e5160813dcb2d8211f707e8c5dd31eaa2f491dc3cc1a42a865ae58b985902afc3cc240ae","ssdeep":"384:ruZndvUWWOhAXMVk9vjaKObvTs4OJiEzMMkAozoCms:QLWsGaKObvTs4uiEI9vzoCx","tlshash":"acb2a5239b401b3e7453c63e77c0f4c466359a029f66b267f65853708e8d5ae2e7370a","dom_hash":"domhash94655b4a8f132ab89d4e5acde4ef325a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"inventmoney.icu","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"172.67.197.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-06T13:31:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-02T13:30:51Z","timestamp":1772458251,"ip_dst":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43166,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-03-02T13:30:51.403935+0000\",\"flow_id\":1225103199951695,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.37\",\"src_port\":43166,\"dest_ip\":\"188.114.97.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"inventmoney.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":917,\"bytes_toclient\":2696,\"start\":\"2026-03-02T13:30:51.383823+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"inventmoney.icu","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-27","domain_rank":0,"first_seen":"2026-03-02T13:31:15.119266Z","last_seen":"2026-03-02T13:31:15.119266Z","alert_count":14,"request_count":14,"received_data":1688538,"sent_data":6606,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"app.inventmoney.com","ip":{"addr":"76.76.21.164","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-02T13:31:15.116353Z","last_seen":"2026-03-02T13:31:15.116353Z","alert_count":0,"request_count":1,"received_data":538,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"inventmoney.icu/","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f5b767c078c6813816231552aca1d562","sha1":"34f99579b527c24b3a5af82abb42079a0d3e1a51","sha256":"c17d50bae5a02a35e0ae5d0005c694495952f093629bb5193c668070161b0f7a","sha512":"7b4aed1d33c4891894a556505047a8f7afd72efc1c30c064b5a428fac50a5475e895f3937869de6d047128910d762069084c41d12fbacecffd43cd98e84b2e48","ssdeep":"","tlshash":"70c0125d7010696614ce687d4ccf088ebe368812a20809c999dcd4547bb1e6c42e484c","size":185,"data":"","first_seen":"2024-04-08T19:47:46Z","last_seen":"2026-06-07T00:08:21.700866Z","times_seen":667,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/swiper-10.0.4.min.js","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2665c19b362aaa342e5400ecb2f8550d","sha1":"b5037cfba6b0b0b19057e55fb5e55c6aa209992c","sha256":"ed975dfb1bcf980271228e2f84c841dc60a79f7cd2fe219b56266a0a8b308556","sha512":"49f35a809c8df540982883a00257f276df7f9a900b0267c1fd0d9d081e5a30b868a826a26c89d826861e56e4a028640dc8e492a94667331c77f39ef93d89c498","ssdeep":"1536:P6PBmcY1NLScYXYyvKOOjTlEXAx7ouyiBmkdceTdiWSWC8t2:P6nYnucYIyvZ4+hRexntU","tlshash":"d0440dd91a9591a97e4651decc72ad04e0084d23feacf0a796edfcc07129f26809b377","size":257346,"data":"","first_seen":"2026-03-02T13:31:23.81653Z","last_seen":"2026-03-02T13:31:23.81653Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"15cd86cd0bc1442e1e50ee150b01891e","sha1":"9ee7f740c42c9b8e23e0706c1ffe798e50ebfc09","sha256":"c8c461809cfcaf8637a151d43e70493869974858538530a3c05c4bd7abf9f0f7","sha512":"31944578dc2cfc8f9846f5feda0ded9edf0a876825ee68f6b6bee462511c862c992660506ae463d25a9400a9e46a9edb16c101b1e9d47bb4d04e92441f3e34b1","ssdeep":"1536:0qUuoKVLe4Dt3a+VF85iwuR61FCiwbaN21QLRBZz5B:0q5oKVLe4Dt3HVF85inN3QdBZr","tlshash":"691431e9db6680ac4e5611dec4b3f505e1185d23ceacf467da2eddc13929f26808327b","size":207955,"data":"","first_seen":"2026-03-02T13:31:23.829226Z","last_seen":"2026-03-02T13:31:23.829226Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"895f526ab37305311d1e998fa4d5a6e8","sha1":"06d0220830c81bf254c70552e908371c6dc1f18f","sha256":"90916b8b1fb2fbbd765a22eba866c30d8829f59aa2d7ee86869abd20207b2117","sha512":"6b087d2e2025f4d11073254448b124af8839ce24ff37eb45bf2fd1a2b66bee8fd4fdca2b4d23c08786d217dd71dbc660d1054b7876b37752dee3baaefdaeaa4e","ssdeep":"","tlshash":"2871bc3beb00173bdc8fa9fdced5b4c02e62497262496960691ce102a16cd7487bed88","size":3743,"data":"","first_seen":"2025-08-14T22:47:51.287187Z","last_seen":"2026-06-07T00:08:21.701832Z","times_seen":1322,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/index_2.html","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"297a907d4e5b4c2198915e66274d9c9a","sha1":"e0f98af49ab0f7a270e2d739436181f924449098","sha256":"0fdbc26d9d5bd7f6a4bc38acfb91fc663c57463d43a08447f1386b3354cd84de","sha512":"48487cbd59e60a259a5836fc0315243da500d617e94e06b3073f79bb834bd141c9e5cfb59c42a3c2086c920c21be5996e589d4658513cf31d95bfc5757a4a44e","ssdeep":"","tlshash":"1371bc3beb00173bdc8fb9fdced5b4c02e62497262496560691ce102b16cd7087bed88","size":3741,"data":"","first_seen":"2025-08-14T22:39:51.132287Z","last_seen":"2026-06-03T14:16:15.147553Z","times_seen":3139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/index_1.html","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"297a907d4e5b4c2198915e66274d9c9a","sha1":"e0f98af49ab0f7a270e2d739436181f924449098","sha256":"0fdbc26d9d5bd7f6a4bc38acfb91fc663c57463d43a08447f1386b3354cd84de","sha512":"48487cbd59e60a259a5836fc0315243da500d617e94e06b3073f79bb834bd141c9e5cfb59c42a3c2086c920c21be5996e589d4658513cf31d95bfc5757a4a44e","ssdeep":"","tlshash":"1371bc3beb00173bdc8fb9fdced5b4c02e62497262496560691ce102b16cd7087bed88","size":3741,"data":"","first_seen":"2025-08-14T22:39:51.132287Z","last_seen":"2026-06-03T14:16:15.147553Z","times_seen":3139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"inventmoney.icu/011c1fd205e85645.css","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:51.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /011c1fd205e85645.css HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:51 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V5W6uTKOKf39riYMJWIfSYx%2FmA7GtT7LkPBtagwE4%2F0I8LF9wl8NzDXl93KqESEM2hBeF5hul0dX77NnPS06lGDbvuGlNRX55HIxYjUnVw%3D%3D\"}]}\r\netag: W/\"69a21401-e3e\"\r\ncontent-encoding: br\r\ncf-ray: 9d60c229181df3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3646,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2025)","md5":"6c4b9f996d145d347082a07664b13146","sha1":"1db540c7f567f06ffd20e5197d437dfb8823b265","sha256":"69270aaa266a58208cc27441310375ffa3cd583a77e79ab10c3c4d25edd655f5","sha512":"236f32fdc04404e5ba2fd7c75a9699a61da70e91a82c7563c05e7f31d8f2b672b2aa5c2f16ae9b22659d2ffe51914463e632b31183829b2f871c65eb22422d7a","ssdeep":"","tlshash":"7771bc28412fe909d5b7cc6335ce7f536c1d90255ab95263983a2a688ddb93b13f0728","first_seen":"2026-03-02T13:31:23.815559Z","last_seen":"2026-03-02T13:31:23.815559Z","times_seen":1,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/swiper-10.0.4.min.js","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:51.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /swiper-10.0.4.min.js HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:51 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p%2BuwGFJyx2msHE6Eq6eFLhOID1aon9Ka0KgBTJbj7dkOXg3NHN4u6YmQmkWE9ccv6cQ%2FyPBScq4QvfmD0S9XNTWf8w5LG8jv2jph15nCbQ%3D%3D\"}]}\r\netag: W/\"69a21401-3ed42\"\r\ncontent-encoding: br\r\ncf-ray: 9d60c2291827f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":257346,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2665c19b362aaa342e5400ecb2f8550d","sha1":"b5037cfba6b0b0b19057e55fb5e55c6aa209992c","sha256":"ed975dfb1bcf980271228e2f84c841dc60a79f7cd2fe219b56266a0a8b308556","sha512":"49f35a809c8df540982883a00257f276df7f9a900b0267c1fd0d9d081e5a30b868a826a26c89d826861e56e4a028640dc8e492a94667331c77f39ef93d89c498","ssdeep":"1536:P6PBmcY1NLScYXYyvKOOjTlEXAx7ouyiBmkdceTdiWSWC8t2:P6nYnucYIyvZ4+hRexntU","tlshash":"d0440dd91a9591a97e4651decc72ad04e0084d23feacf0a796edfcc07129f26809b377","first_seen":"2026-03-02T13:31:23.81653Z","last_seen":"2026-03-02T13:31:23.81653Z","times_seen":1,"resource_available":true,"data":null}},"time_used":5670,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":5496,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/pc.png","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:51.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /pc.png HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 765745\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\npriority: u=4,i=?0\r\netag: \"69a21401-baf31\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=stWplYXkRwOr5RPPsHz23lqALGgL71rO%2BkjQ4a7ET%2BQ%2FBl7QLhm%2FEkHKda2ozvtpO%2FqLokzU3u5xXB25XBdECdWUZF85OK9BpLe7edA1Xw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d60c229182af3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":765745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3840 x 2160, 8-bit colormap, non-interlaced","md5":"168820c94532aaf755508b34e24240c4","sha1":"3c787d1dba62e25e4b0c780794a6d64284f990d9","sha256":"084e7f56b0e8748bdb200bbc016c85e69843d0d2bc5084ebc88d326c58c44221","sha512":"9d8b6b2f836b2f7c7607b44bd660204be357614d21955806eef3cfd36934505d803db2746fc53ea83318a2c8bedafdb7ed61ad6fc9d2548d577ab53355630292","ssdeep":"12288:oEkWQ7yEGsOa5ww/mXxqrlNHPSM9/NVdy36g5jUxgiTcPbwCYg9bUYn8KNa/VhoI:oEa7Ot4wRgrXPSK/Ldy36o8Tyn9Qu8K6","tlshash":"09f433fe91037ee3e50570bd8d4e650e57845dbfab2dd02162ab94c81a4d368e70b32e","first_seen":"2026-03-02T13:31:23.817684Z","last_seen":"2026-03-02T13:31:23.817684Z","times_seen":1,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.inventmoney.com/favicon/apple-touch-icon.png","fqdn":"app.inventmoney.com","domain":"inventmoney.com","tld":"com"},"ip":{"addr":"76.76.21.164","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:53.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.inventmoney.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 17:32:55 GMT","end":"Fri, 08 May 2026 17:32:54 GMT"},"fingerprint":{"sha1":"20:5C:62:E4:A5:0D:9A:85:4F:03:6B:07:7C:1C:C3:84:63:FA:90:C7","sha256":"5A:67:41:58:D2:ED:57:75:CF:29:40:03:02:9D:0A:FE:A1:B1:2F:86:39:79:DB:89:AE:A7:5E:00:52:D5:13:39"}}},"request":{"raw":"GET /favicon/apple-touch-icon.png HTTP/1.1\r\nHost: app.inventmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ncache-control: private, no-store, max-age=0\r\ncontent-type: text/html; charset=utf-8\r\nserver: Vercel\r\nx-vercel-challenge-token: 2.1772458253.60.ZmE1ZTVmMTlkNjU2YzE0OTI1MWYzNjk1Y2U5MmFkMzU7ZjMwNzMxZDk7NGZiMDA1ZDRlY2I3ZjIwNzY2YzM3ZWM0NDhlNDIyYzFiMGY5YzE0OTszO/Eg9vg52u73s+lcQFeFYgC9/EyqhwyWDFfal8ZUR8Qpr3O33/Ba3JN5rJTpwvg=.4a33491094240364ae590634fed2009a\r\nx-vercel-id: arn1::1772458253-FChrd3w5DSZK6RSyRzPBbtEizULzhNfB\r\nx-vercel-mitigated: challenge\r\ndate: Mon, 02 Mar 2026 13:30:53 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":34,"connect":1,"send":0,"wait":28,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/1b7a61a883328cf2.css","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://inventmoney.icu/index_3.html","date":"2026-03-02T13:30:57.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /1b7a61a883328cf2.css HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/index_3.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:57 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q%2FkhZoV0UsC4RFvbhWd0iFsgshapQ9vbJiZ8dhZX0FQ4HnfGvL9R1Wm6QonpM1JDc719thZfqzgehGJbMz08x%2F1o4UZwE1oEqCWvEQSXxg%3D%3D\"}]}\r\netag: W/\"69a21401-19add\"\r\ncontent-encoding: br\r\ncf-ray: 9d60c24fbecaf3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":105181,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65472)","md5":"955543487c3adf7a3ec9bea51ed1d438","sha1":"44b0f421f688b907645102bdbe564c7fd4215f73","sha256":"4b169a8977528f7b3914124d47aed1d8610b08e53b50983871c67322a7422f12","sha512":"09431d3e1563f54017a6d2e3295339ea48aec67abbd23be9eadf94c82feeef1a142cd26027c214e5e2f10c8ac485ae615ed50e601dc4638660bb9021c3cf5a7e","ssdeep":"3072:MGQhfVRrBCmT2WTHsQ2wTtybjrSWxDhbvgc0:MGQhfVRrEmaKtybjrSWxDhbvgc0","tlshash":"15a3711df652113f3c2780f9d25cedada116b1c0ee3a6be6be4221108ac67e35de7254","first_seen":"2026-02-25T22:05:15.604196Z","last_seen":"2026-03-02T13:31:23.819164Z","times_seen":3,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/favicon.ico","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:53.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:53 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kfGBDWOdNmuQbP3p6BxZlGAnxqTBCJ%2BxNi2Au%2BUMdbLKgwRevVM5okeO3%2BcvqU60iJlgIXYV2tL6fhHCMpMTPf4Nof7LaZZ9wZ%2Bhiotkhg%3D%3D\"}]}\r\netag: W/\"3aee-64bd55dc0fb80\"\r\ncontent-encoding: br\r\ncf-ray: 9d60c231f935f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"b5e15dd2c0180276c808df723cdb2661","sha1":"a65709676757409d332df048863bb461fdf88c3f","sha256":"85fd80723f9b44a75dea7ab7d1e39966b6609c4dc5a21211acdb56eb302e1ea3","sha512":"d7463fe15ba67646e25417dec706c499c6d3efb5eb6832bf99da7e00b6edf055d21b94d1a9b81fa4c99e1870a8873ce05897569756b6c7773d9e0e61c04b6016","ssdeep":"192:jTGBnJCVAHofWe7Mqx0PM1rTIOWqUVFz8JqeAgmzVrcriQ+eQ:jTpxMOPFEOveFwQrgmNkBQ","tlshash":"9062d7503398a54de183bfbe5a60fb3995a49fd02526d34302f1ee977e4c9d3ac805ca","first_seen":"2026-03-02T13:31:23.820386Z","last_seen":"2026-03-02T13:31:23.820386Z","times_seen":1,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/index_2.html","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:57.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /index_2.html HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:57 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F55FkFIM8al%2Fd2WB59yIjhYR%2FE74VulmAThSqZGUBPbazT3tgEzq2n1W1KNC7XjhVHKo8rBvuJJZjfkVIYxzTEtkGivcld2q5lxcTAPvLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d60c24d992ef3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60047,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (60041), with no line terminators","md5":"81fc6f25bde0976b6f1f4e4459cb4001","sha1":"cc0884cc117ef19ce1a8e15efb30dbeb60cb83c6","sha256":"c4c577d3c9cc8ffafed23d30c7637cb2308f27ab40677d09426d806b23abd9a8","sha512":"4ac9a8ec46b6ecfec3e1b7c89ddbcd4a21efb7d2678b6d41b481f1bd3fdee0b795bfc46c7e9c782db0a178cff0b50d84fa156d85502cefd08502f90792732f34","ssdeep":"768:oLWsGaKObvTs4uiE7LWsGaKObvxJuica0MD88BORpmalZuUJ9vzoCx:y0aKOby0aKObTcnuUnvzoCx","tlshash":"6543a6139ab05beb700bf7796390b6c472239b029f66b3e7e55803b14e8d5ae1e53305","first_seen":"2026-03-02T13:31:23.821291Z","last_seen":"2026-03-02T13:31:23.821291Z","times_seen":1,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/index_1.html","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:57.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:57 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ir3Ub3Unxon00EPTiDMRedwpy3Z%2FIK7VhhEGQF5tX1a9oHpYwcjEmHIJLrGdh9jtEkdMInpn762x%2FkwEj%2BEYEgvo%2BrIOUjWEcsT3a1eLvA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d60c24d9949f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60047,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (60041), with no line terminators","md5":"29b24258847d8b72bc0569bb3913cb5d","sha1":"5f614745157b342b801cefa1463aeaf44df39be7","sha256":"aef914808d1bb790fd42df49c822aa526506b1c9d6c212414b49f4e0504237ea","sha512":"d8dc2284921e22ff42be40900a5df37577311e8d1f849537e35f857210756f6458d49f4e854e089a6aadcff9843da3937182543e966b5d99c78e547279a68f66","ssdeep":"768:OLWsGaKObvTs4uiE7LWsGaKObvxJuica0MD88BORpmalZuUJ9vzoCx:c0aKOby0aKObTcnuUnvzoCx","tlshash":"4a43a6135ab05beb700bf7796390b6c472239b029f66b3e7e55803b14e8d5ae1e53305","first_seen":"2026-03-02T13:31:23.822244Z","last_seen":"2026-03-02T13:31:23.822244Z","times_seen":1,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/ee089dbe83cb6f80.css","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:51.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /ee089dbe83cb6f80.css HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:51 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g%2BN4biaf%2B2%2FVt73wWsBHGJBOWAvz9r0LIlNxdalDtfs4zGY%2Fcq9BQBvN03%2Fw8i9K9otZUcKh9NRWnZ1faKSD%2BPcCg9pzqU%2BdDkuCSWVSxg%3D%3D\"}]}\r\netag: W/\"69a21401-5ba\"\r\ncontent-encoding: br\r\ncf-ray: 9d60c2290ff3f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1466,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1465)","md5":"89ba9f4c232abb050f5240a8ba7e98c3","sha1":"bf3a6f959b5ba287b83f09b68af78140d177db31","sha256":"396061a3842bc45887996c65c6f1289f8e8c93c0894495b3d9a968d645c7613f","sha512":"aba7904689076952cf34755c3e505a54fd8269d0bb9726c418884e24fd5e8e1579792b64aee24bd81d05461e71fc8a0d3c25e8a7ebdbc86024205b2c88ccd89c","ssdeep":"","tlshash":"d231fb1c96a8010401a3c35d9ee66284c97cddc1bbb374ed37b6414f52722e9138fbad","first_seen":"2026-03-02T13:31:23.8231Z","last_seen":"2026-03-02T13:31:23.8231Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/83afe278b6a6bb3c-s.p.3a6ba036.woff2","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:57.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /83afe278b6a6bb3c-s.p.3a6ba036.woff2 HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/011c1fd205e85645.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 48432\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\npriority: u=4,i=?0\r\netag: \"69a21401-bd30\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vzbvgaRiZo6F8ppexR2P8HAW27k0tGPAM8K3DFWg%2FPVwkRQSJILRh11H%2Bvb9J1cjAAEVd7JTQ35Z33M9WYbyas%2F%2Ffz0u%2BOwmV7anYRPYjQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d60c24db989f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-06-08T21:11:02.559278Z","times_seen":64223,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":58,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/inventmoney_privy.png","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:51.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /inventmoney_privy.png HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 2247\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\npriority: u=4,i=?0\r\netag: \"69a21401-8c7\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GKuAWT4ai1%2FN7mt9fYdSKqzfqsPe7ub60rreO4f1f7Y0Ce6efkTss4p1zv7VDZBRxrnIFkwNvRdCm%2FtpzuIeIDsorrPuZnNr1bf5aL3ZSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d60c2291829f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2247,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 90, 8-bit/color RGBA, non-interlaced","md5":"8563f6b3d3ee72c51de9a95776f69a6c","sha1":"b4f0314a96ab02bfa4cdbc2cfd8ed299ef858fff","sha256":"3d4404fc37714f0fdc088c7e442fd1f968011eb9a045582f283a4642b7f4e049","sha512":"73ad85c0670ec7380981347a72b5dfc6b7531044d0760888dac825f7c160141450b88362af9eae51c7e9990d2dd2193d5bfaf9c7f534e4006189713bcd735197","ssdeep":"","tlshash":"fb41fb2e9163bc1cf92661f9504016fa7c31805de720a119622dcd96b01c85936b2cdb","first_seen":"2026-03-02T13:31:23.824513Z","last_seen":"2026-03-02T13:31:23.824513Z","times_seen":1,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/index_3.html","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:57.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /index_3.html HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:57 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ILb7Gd7iKVxO2UehUKM5vJKEaL9TxZHdn3gEQ4gBQJC09KE%2BVLcxKfOYOxbwpNrz5u4ptkceIDlmj9dEKbWHouLIrFFHA8uEoBLWtNs9Cg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d60c24d8913f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1230,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1229), with no line terminators","md5":"41eccfa816167ee362089fe4ae921979","sha1":"a2d732c71c822a3629103f43fd57d4f152326607","sha256":"5a80fe2bcbd6e5e2e59846e8cb33441c899220fd18310966333b5d7551d4796e","sha512":"0f5a3a4642eb558b97c870b37a52054ec5e7a4411b833cbb05cffff9b5e05d328f0cf0dd2a051ae1daba31810597c733a600fe8e0185a4517d040e2f12d8a3a8","ssdeep":"","tlshash":"182184f16812ed25502f77d88cca104e6d13f53ac74554ccbdd9960d8ea6a3d21129c8","first_seen":"2026-03-02T13:31:23.825386Z","last_seen":"2026-03-02T13:31:23.825386Z","times_seen":1,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/secureproxy?e=jscdn/getFile","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:57.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://inventmoney.icu/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://inventmoney.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"6hgmlt762jdxtkoeesj9\"}"}},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 02 Mar 2026 13:30:57 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AZ6GMGNETsW6BKdeX36RdCsCiasWIW7gj6i4uweQVohEpTpZVI9oOnKg6iav7MracBCon%2FNXfb6Bxc1UEy9D9v8Y7bZaO7PDbGMVAv%2Fl1Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d60c24faeacf3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":209,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"8326df29112f3972f64bbaadeeb94da4","sha1":"6cb502b1d301b5df8d21ec578aa77e7cade77df5","sha256":"7e38a03e0bdf9f191c9f7450bc51d1e62017dae9750ab76d49fe64a216e1fa28","sha512":"0b0b4a775d9fa764daaf99fbdc2a7f38194dd7b57714e3baf7782e4d39c0c412dca6736d866f607be3cc6a1a0a6a81dbe704b3fc2a5736ba4bca4f033b4aad10","ssdeep":"","tlshash":"a4d0239ed143234b402331907dc211d1145c1367b47541ec3c416445d51857dc4ca1dc","first_seen":"2025-09-10T17:19:22.029021Z","last_seen":"2026-03-02T21:29:29.706391Z","times_seen":16,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-02T13:30:51.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R4Rz80SXOH76jBzaJyWtG38iWFRR7Z29DeuIYlSbbX%2FcHKXB2IKsl6s6Md0QCgcL2x9Jy3nIBVyOvcToSKFI7XvL5mAWrj7xo%2FiQU%2F13LA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9d60c2275e639e07-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35980,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13786)","md5":"df30ec2f20e90729be8a1cd3e6738602","sha1":"10dd542a3a6f19db92659fbfcbd17188e95268e8","sha256":"8cd2dcddfde210f393055d95b3ac85f557ca1fd6806257921e08eafb8d7fb9e8","sha512":"56c174a3cf4391f02aaa801821be58f8b1d2f7878f024748441242e99d1364c20c276722560e483da4deb44aeeb71871d96412924b2dbd6f67e299c72def7acc","ssdeep":"768:R088jMfzKSoy/LrivBiJ9kR/0rUudWw4SNgpKZBa9vzoC5:ROMf2SJ/fi5iJ9kDlWBYvzoC5","tlshash":"32f25b65f2a20127912f81bfbbf6d98727b5c203a50dad647adce015cf8dee1d6b2404","first_seen":"2026-03-02T13:31:23.826798Z","last_seen":"2026-03-02T13:31:23.826798Z","times_seen":1,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":80,"dns":49,"connect":8,"send":0,"wait":63,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inventmoney.icu/3641086c13aad57a.css","fqdn":"inventmoney.icu","domain":"inventmoney.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://inventmoney.icu/","date":"2026-03-02T13:30:51.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inventmoney.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 18:10:42 GMT","end":"Thu, 28 May 2026 18:10:41 GMT"},"fingerprint":{"sha1":"69:76:47:09:D6:2F:33:83:87:ED:97:72:A2:4D:E2:E2:FF:1E:1E:EE","sha256":"85:DD:01:B1:4D:87:59:62:80:7E:51:2C:92:D9:A6:B3:46:AA:8A:15:C6:3A:72:3D:38:42:91:22:34:BB:CC:21"}}},"request":{"raw":"GET /3641086c13aad57a.css HTTP/1.1\r\nHost: inventmoney.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inventmoney.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 02 Mar 2026 13:30:51 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Feb 2026 22:00:33 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LnNbL%2BLWyGg8ZvmHeGcF4GG74p6KEBkL6WAJlurlR8UETDjV5a9UKpU5xRW1TAhh5ThsTxpVz5tlmmvv0lFk%2BffYjWU4hfY%2FvQ1b03Lwrw%3D%3D\"}]}\r\netag: W/\"69a21401-4ee47\"\r\ncontent-encoding: br\r\ncf-ray: 9d60c2290ff8f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":323143,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e66c426a5fe057b9c315e797bcbe97c0","sha1":"753ada75d625683be2cefea5e71cb92dd08c6bb1","sha256":"f9c66054493b7d1e2713e66728b855e9ab84913f26856b5b0436e30997e5a2d6","sha512":"a8bf33a5228516cb676da8016ad9d0329009d8b15277752c07bdafe770b95d9e8dd156a9acd89c0d0b9dbe301b963666b439803cb147c87ca0c55689b93bdb3d","ssdeep":"6144:GrA4WbqlicA4AKIlNnuNwAO88XDLAhfpONxiOi51hwP6j5oL/y/OC/40QkMkSSyr:JEMaDa","tlshash":"db646659b90991bf3e1b60f9a38cacedc105f0c0de3b1ab6f986812067d17f32d96654","first_seen":"2026-03-02T13:31:23.827692Z","last_seen":"2026-03-02T13:31:23.827692Z","times_seen":1,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"inventmoney.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}