ocsp.sectigo.com/
472 B IP
Hash dfb47def597cc9459718b55f44023a67
8c1f329fe2ec14cf23f641b97a7a79736c3d8599
9546511fc604de9001da1d0c6454a8c244338eaa684475ab039b45f43d43bd6e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Oct 2023 19:55:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 23 Oct 2023 10:19:51 GMT
Expires: Mon, 30 Oct 2023 10:19:50 GMT
Etag: "8c1f329fe2ec14cf23f641b97a7a79736c3d8599"
Cache-Control: max-age=310480,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81c541545f8f569f-OSL
200 OK 644 B URL User Request GET HTTP/2 IP
Certificate IssuerSectigo Limited
Subjectaibotinvest.com
Fingerprint3E:4E:76:1D:E3:6B:C6:BE:DF:94:83:EB:E2:EE:DF:9F:13:12:D7:F3
ValidityThu, 19 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0af6ffa042802aa47cfc2c04d07f109c
03fcb3625e34b3505eb780b9b86d7b52699fe014
8ccfd74358dff59867ca1ada092c5927fb5ea9899664796a251b24b2fd3f2058
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: aibotinvest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 26 Oct 2023 00:05:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 644
date: Thu, 26 Oct 2023 19:55:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash a7e6dc84285a2e7d15aa8afde0751d4b
5392c576e5f3980abcb99892c53a37585cecd57b
9107b66eafd000a5042343b6179e579c317a8deb6aba714b351a0f138eb7167c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Titan+One&display=swap
200 OK 839 B URL GET HTTP/2 fonts.googleapis.com/css2?family=Titan+One&display=swap
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:23:2B:8B:2D:09:6C:BB:06:7A:35:80:95:BB:F8:03:41:C8:99:2C
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT
File type gzip compressed data, max compression\012- data
Hash bb620e920e08b2febc4540e9c8358109
bced7ab67b0cdd9e13b24bfd7a61767f8d93e9c1
cceb08a0af4d16ead63a5b2bd204214fda21fe8e20e7f1cb2ccae66fb242981b
GET /css2?family=Titan+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aibotinvest.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Oct 2023 19:55:09 GMT
date: Thu, 26 Oct 2023 19:55:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 762489f21e64159610410f6912dae74b
486de8848e389dfea01157fb9dc03f270d665e27
18b5806e63a3b9836ec6007ba5d377aa1235f849c609207987c26b02bd4b9ed5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/titanone/v15/mFTzWbsGxbbS_J5cQcjClDgm.woff2
200 OK 11 kB URL GET HTTP/2 fonts.gstatic.com/s/titanone/v15/mFTzWbsGxbbS_J5cQcjClDgm.woff2
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint55:7F:79:64:ED:7A:04:50:63:54:9C:32:2A:AF:B7:95:17:D7:E0:33
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT
File type Web Open Font Format (Version 2), TrueType, length 10752, version 1.0\012- data
Hash 3b731012ac761b5cd3b97e55ac34ec0a
0b799f196deed9968266ce6e7afa28d5b8ad3aae
2f15f138af309ad659b62246999cccc2da21759ec8619d7e6ea759e8eb5a7a53
GET /s/titanone/v15/mFTzWbsGxbbS_J5cQcjClDgm.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aibotinvest.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Oct 2023 17:50:24 GMT
expires: Sat, 19 Oct 2024 17:50:24 GMT
cache-control: public, max-age=31536000
age: 525885
last-modified: Thu, 24 Aug 2023 17:46:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 762489f21e64159610410f6912dae74b
486de8848e389dfea01157fb9dc03f270d665e27
18b5806e63a3b9836ec6007ba5d377aa1235f849c609207987c26b02bd4b9ed5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 19:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aibotinvest.com/favicon.ico
404 Not Found 1.2 kB URL GET HTTP/2 aibotinvest.com/favicon.ico
IP
Certificate IssuerSectigo Limited
Subjectaibotinvest.com
Fingerprint3E:4E:76:1D:E3:6B:C6:BE:DF:94:83:EB:E2:EE:DF:9F:13:12:D7:F3
ValidityThu, 19 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: aibotinvest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aibotinvest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 26 Oct 2023 19:55:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
162.0.232.114
104.18.15.101