{"report_id":"03fcf084-0b03-4c07-851d-8d188fed99f0","version":6,"status":"done","tags":[],"date":"2026-05-30T17:53:06Z","url":{"schema":"http","addr":"kuwinsite.ink","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"172.67.158.62","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"kuwinsite.ink/","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"title":"KUWIN🎖️ Trang Chủ Kuwin.com | Đăng Nhập KU WIN utycli [T5/2026]","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kuwinsite.ink","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"172.67.158.62","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-04T17:53:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-24T22:21:07.624228Z","alert_count":0,"request_count":1,"received_data":11856,"sent_data":501,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"kuwinsite.ink","ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-26","domain_rank":0,"first_seen":"2026-05-30T17:53:08.087567Z","last_seen":"2026-05-30T17:53:08.087567Z","alert_count":46,"request_count":46,"received_data":2462551,"sent_data":34189,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.1.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-24T22:26:02.229202Z","alert_count":0,"request_count":1,"received_data":476047,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-24T22:18:17.447529Z","alert_count":0,"request_count":6,"received_data":178746,"sent_data":3296,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kuwinsite.ink/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-31T02:00:53.771207Z","times_seen":355668,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"172.67.158.62","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dc0923c33f2f758c84c52fbb61c834a3","sha1":"b058be2d1733bff3d424d94ace699f13151e3df7","sha256":"d37ef4938c8ae1d3621058c0b807b594bdff045977dab405590883e514289ac3","sha512":"428f2cdc01d9aa9d3dc8ed5a91cbbc7bc7f1e0e05118f0d8a5e817f78b4348022cc0f7219d8362cd7295faca28e22392b2766cbeabb3b65d2387366e142294eb","ssdeep":"","tlshash":"f4d0c77df0585e5020c2607fb471a016521791b9bd941130d75ebc49ff08be546afeeb","size":215,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-31T01:40:48.051859Z","times_seen":26001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,dmFyIGZsYXRzb21lVmFycz17InRoZW1lIjp7InZlcnNpb24iOiIzLjE5LjYifSwiYWpheHVybCI6Imh0dHBzOi8va3V3aW5zaXRlLmluay93cC1hZG1pbi9hZG1pbi1hamF4LnBocCIsInJ0bCI6IiIsInN0aWNreV9oZWlnaHQiOiI3MCIsInN0aWNreUhlYWRlckhlaWdodCI6IjAiLCJzY3JvbGxQYWRkaW5nVG9wIjoiMCIsImFzc2V0c191cmwiOiJodHRwczovL2t1d2luc2l0ZS5pbmsvd3AtY29udGVudC90aGVtZXMvZmxhdHNvbWUvYXNzZXRzLyIsImxpZ2h0Ym94Ijp7ImNsb3NlX21hcmt1cCI6Ilx1MDAzQ2J1dHRvbiB0aXRsZT1cIiV0aXRsZSVcIiB0eXBlPVwiYnV0dG9uXCIgY2xhc3M9XCJtZnAtY2xvc2VcIlx1MDAzRVx1MDAzQ3N2ZyB4bWxucz1cImh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnXCIgd2lkdGg9XCIyOFwiIGhlaWdodD1cIjI4XCIgdmlld0JveD1cIjAgMCAyNCAyNFwiIGZpbGw9XCJub25lXCIgc3Ryb2tlPVwiY3VycmVudENvbG9yXCIgc3Ryb2tlLXdpZHRoPVwiMlwiIHN0cm9rZS1saW5lY2FwPVwicm91bmRcIiBzdHJva2UtbGluZWpvaW49XCJyb3VuZFwiIGNsYXNzPVwiZmVhdGhlciBmZWF0aGVyLXhcIlx1MDAzRVx1MDAzQ2xpbmUgeDE9XCIxOFwiIHkxPVwiNlwiIHgyPVwiNlwiIHkyPVwiMThcIlx1MDAzRVx1MDAzQy9saW5lXHUwMDNFXHUwMDNDbGluZSB4MT1cIjZcIiB5MT1cIjZcIiB4Mj1cIjE4XCIgeTI9XCIxOFwiXHUwMDNFXHUwMDNDL2xpbmVcdTAwM0VcdTAwM0Mvc3ZnXHUwMDNFXHUwMDNDL2J1dHRvblx1MDAzRSIsImNsb3NlX2J0bl9pbnNpZGUiOiExfSwidXNlciI6eyJjYW5fZWRpdF9wYWdlcyI6ITF9LCJpMThuIjp7Im1haW5NZW51IjoiTWFpbiBNZW51IiwidG9nZ2xlQnV0dG9uIjoiVG9nZ2xlIn0sIm9wdGlvbnMiOnsiY29va2llX25vdGljZV92ZXJzaW9uIjoiMSIsInN3YXRjaGVzX2xheW91dCI6ITEsInN3YXRjaGVzX2Rpc2FibGVfZGVzZWxlY3QiOiExLCJzd2F0Y2hlc19ib3hfc2VsZWN0X2V2ZW50IjohMSwic3dhdGNoZXNfYm94X2JlaGF2aW9yX3NlbGVjdGVkIjohMSwic3dhdGNoZXNfYm94X3VwZGF0ZV91cmxzIjoiMSIsInN3YXRjaGVzX2JveF9yZXNldCI6ITEsInN3YXRjaGVzX2JveF9yZXNldF9saW1pdGVkIjohMSwic3dhdGNoZXNfYm94X3Jlc2V0X2V4dGVudCI6ITEsInN3YXRjaGVzX2JveF9yZXNldF90aW1lIjozMDAsInNlYXJjaF9yZXN1bHRfbGF0ZW5jeSI6IjAifX0=","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"aac6d3f726a838c8d31e4e236b58cb22","sha1":"5ef51f67d94c40ddbd2a58eef58f4e0f4744c1b4","sha256":"ab7ea489a26e4d0ea76bc843a710f6610e584dd40c7c96a2aba38a1e375e8747","sha512":"b3605e7dc2c458946d23b7d9e7a2d88ba0e2728dc1a4e9cebc050fad4e42798711359ea9177ea4231aed75ffd859d23d90d5df578036ee91e57c68ce67e0e45a","ssdeep":"","tlshash":"e621ac75735ea22e90d7c18adf34ffad566631310154a110bdff8839815482832ab61c","size":1214,"data":"","first_seen":"2026-05-30T17:53:12.164556Z","last_seen":"2026-05-30T17:53:12.164556Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,ZG9jdW1lbnQuYWRkRXZlbnRMaXN0ZW5lcigiRE9NQ29udGVudExvYWRlZCIsZnVuY3Rpb24oKXtjb25zdCByZWFkTW9yZUJ0bj1kb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIucmVhZC1tb3JlLWJ0biIpO2lmKHJlYWRNb3JlQnRuKXtyZWFkTW9yZUJ0bi5hZGRFdmVudExpc3RlbmVyKCJjbGljayIsZnVuY3Rpb24oKXtjb25zdCBjdXN0b21Qb3N0PWRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoIi5jdXN0b20tdGV4dCIpO2N1c3RvbVBvc3QuY2xhc3NMaXN0LnRvZ2dsZSgiZXhwYW5kZWQiKTt0aGlzLnRleHRDb250ZW50PWN1c3RvbVBvc3QuY2xhc3NMaXN0LmNvbnRhaW5zKCJleHBhbmRlZCIpPyJUaHUgZ+G7jW4iOiLEkOG7jWMgdGjDqm0ifSl9fSk=","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"66c505bf66d4a0b90f76c149841e4b16","sha1":"fd4afb34408a476f5c024dc78ad38ee30771e2d4","sha256":"c3511bb29ce772c7756c0395ee2bdba04b9c99dd67f2215728ec8eeca00eebff","sha512":"dceddf03c10c2f760ed9545f1ebeafe35c78976cec0a44459092f7028f431b3d92d6ec0d70227085befcc1c558436469a585be9f2ea0eacb6e2f2992b6c34881","ssdeep":"","tlshash":"f7e06862e829043406c5cafd12eeb3867392d09ab980802a054cc8ac0defed515676e9","size":365,"data":"","first_seen":"2026-05-28T14:37:29.76252Z","last_seen":"2026-05-30T17:53:12.165548Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/f4f3f28c7c5e8fc07b0a06642fc642a7.js?ver=642a7","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"47a628aef2f254c32c3b5878700a42ce","sha1":"43814a498670a432b6a73cc80e67bdc738313ea2","sha256":"ea64f589334f647f2254d595466c036000a3d9150ad078a69eba7f845c0c0713","sha512":"2dad1648412fe67306b86320bc4ba90a681086b4e799528ea9783157fdc1fda64dede2e9e7958d0973156ed3d9084034422ed9c4794bedb5c7b8151917540671","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORl:5rprxaefKI0LP19m4q1WW+h4Mjw","tlshash":"5e52c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13578,"data":"","first_seen":"2023-08-09T06:09:09Z","last_seen":"2026-05-31T01:18:32.553985Z","times_seen":12614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,d2luZG93LmRhdGFMYXllcj13aW5kb3cuZGF0YUxheWVyfHxbXTtmdW5jdGlvbiBndGFnKCl7ZGF0YUxheWVyLnB1c2goYXJndW1lbnRzKX0KZ3RhZygnanMnLG5ldyBEYXRlKCkpO2d0YWcoJ2NvbmZpZycsJ0ctUVYzMVFaOEZKOScp","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"680d15061477010ac3c43e7ec54c9f08","sha1":"ef9c763e047fe0c9f6cc588e56eaeab96565e2fd","sha256":"620bd10894fc7a4f55acfc3328920c29f1d6b98a5bf49b651a56509961c8c1b3","sha512":"f921395b0bb95129d701d6c8b7c8909d74e750d317aae75ccf7fab331f5a35f1a85b6eac2de7dc78da0f7ed67f8f844c1ee0465ef95d87201553793fafc2555b","ssdeep":"","tlshash":"23c02b8c31024cb101ef07420f9f360461013000419008300422b2497411c935245844","size":132,"data":"","first_seen":"2026-05-30T17:53:12.16653Z","last_seen":"2026-05-30T17:53:12.16653Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-QV31QZ8FJ9","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.1.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e0fc8cd154e152f1ccd33cb7b8196b6","sha1":"0ff201c20e191b5f02574ebcbcd59c49190e5a31","sha256":"2e241e3e5deed8a55caaee85a44467f2574d0e939a9301488282d965774fa7bd","sha512":"48618d97c6450f6b21752f5c9beb69a5f1fad2f649c988f1629ee204d152fa0f02af601d9b5c29501091fa6820183726eaa4c7859075d97aaf5c7e07a1f41197","ssdeep":"6144:5VXRfDNalVf36lwSXbDQCtEhuX7aWCBbn95ma5V/Qo+:HWlVf36RDQZ75xl+","tlshash":"cca4e9cdb3d674625396f478503f018ba57b28e2b44cc89ab189cce42e7469a4277f7c","size":475443,"data":"","first_seen":"2026-05-30T17:53:12.137835Z","last_seen":"2026-05-30T17:53:12.137835Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"172.67.158.62","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d72b80690ba108f701c1b1a5e697720","sha1":"befbf4e1dec83cfd6b3a327a909be07a4f8ab490","sha256":"0d8bef99a34b9446ad386668c9742d804417dad6f930213a1dd1cbb8dacbd6e3","sha512":"7cc76f2ee11c4395caa4a50a63bbd1668733e4f8ba3d89189a8014364a7e93873434b7b7b7c7ab37f624d4558e064d913657c064dcc9b35f892a0f05e0991130","ssdeep":"192:q6e4j3qVXlu798fbuEO4C5/hsNs35PhSkzISM8Z:bel29YFts/Swau","tlshash":"62f153497542b57f393b7071d0af220b313970a3a84b4861e9b8f6d87c789792a23d7d","size":8109,"data":"","first_seen":"2025-07-25T05:28:04.240916Z","last_seen":"2026-05-31T00:01:03.662652Z","times_seen":22514,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"172.67.158.62","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ad81beb0a28e87fe3ce3742823d264a8","sha1":"f0aa1a71cc5d0b2b40e1b009486fc627f7703878","sha256":"10531cb9ccd59383133c85843a19c55ba0a27d1a2eb912628e9bd7f68b479aa5","sha512":"ed7834311ae7828b03aa5a7411e9f4bbf5066879ee89fe01f83fa28d1a299733d0a81eea1cc4ab97477bf80c13c5ecf94e398d95c3bd3a2911d480b651c6fb78","ssdeep":"","tlshash":"9131ee7df5291636095661fde399e341a030f0dadc428424efb5cc5ea8cce9548abdf2","size":1717,"data":"","first_seen":"2025-07-25T05:28:04.194173Z","last_seen":"2026-05-31T01:18:32.618202Z","times_seen":15619,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-31T02:00:53.771207Z","times_seen":355668,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,KGZ1bmN0aW9uKGh0bWwpe2h0bWwuY2xhc3NOYW1lPWh0bWwuY2xhc3NOYW1lLnJlcGxhY2UoL1xibm8tanNcYi8sJ2pzJyl9KShkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQp","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc7146e2b04871500c6c6b741f931d6c","sha1":"ad7647f8688c16adbf66ceb30d142bf7de5e7503","sha256":"8310c25f96c9c0baef44b5f8953d3d34399f45dad1776a46574ac2cdd4e5c428","sha512":"fd40c6ff9a4c1314e75c056a4b816230b720ad358ed98b0d186ca00e5c8d90f5dc6facd840639693dea835f8d68420922408c74a009830fe29c8fb32348f9ac6","ssdeep":"","tlshash":"f6b012343c34a42d192b600c31df436438324050f9016940d07e38844432f440701f84","size":99,"data":"","first_seen":"2023-03-07T12:02:24Z","last_seen":"2026-05-31T01:11:58.889128Z","times_seen":3891,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/a2ff28f4a2d9d7f9cb7690dd973f2e3e.js?ver=f2e3e","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"978a43bd88496a5dda55facfeba3bd72","sha1":"f760f14bc39e5a311d688e50ae5cf7ff212fbc67","sha256":"24ed39530db793490d923646b842024bc23ee28da63aaef2c6a2c37418993799","sha512":"c3ef3baa450e1caa889c8420ed096d5e4f3265f1a3bcb7cdd6dbb3973e1d9e0fc07ef5b408037c239bfe8f642baf7b94deb8415da6b95cb0da5ca8a382a37b7e","ssdeep":"","tlshash":"2331308e7b5264440392c260e13e88ad773b687b700c0e897b70bcd93ee5e2c56519ad","size":1501,"data":"","first_seen":"2023-03-07T14:00:10Z","last_seen":"2026-05-31T01:11:58.820218Z","times_seen":2196,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/9a003ffac4b22ed497976e45c55b3d37.js?ver=b3d37","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f6da96b0001a649f60dabe22852c2c1","sha1":"ed75c7bc3226c7f570c32198b90cf07bdc06a736","sha256":"cd9ad12ad36db8b0b3c170efbf3883ef728e7657b5656aab7840f51d17a789e8","sha512":"8cb3decad72ebb78949e88b8f165e3037b500ad9e7bff92c8bfc7de25c8299caab3a4f03dfd4950b9397687980df9a86215d5f64ab3b6556b1ab73dea40967af","ssdeep":"1536:IfDJqH5NQ8kNSqcp1U8EtmoYrNqK7kSBed3ZRO:MoxjUvkesedC","tlshash":"8233e728729070fd01ff61a7f13fa32432376565b0064054b53d98fa2d6ad5e26a3fba","size":52860,"data":"","first_seen":"2024-09-09T22:27:19Z","last_seen":"2026-05-30T17:53:12.161392Z","times_seen":372,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/26171eb9a9101001dc40c3599ab2c44b.js?ver=2c44b","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fbc93e722ea25342b7af79058155f827","sha1":"d256e82bb7f1b956684e6f0c87f998fecf90652e","sha256":"b692237ed6b670204fe4eb601ddc78fec3afef8cb34648c0ccea18ba28b1133a","sha512":"6a8971223f3831358031363b8bce0092520212714a3d9b425be109fbef7e51837d31383217b62131e5bd037e7af4d86c3155100ef569527b501c2ae3b8e7ef62","ssdeep":"384:71yd4Sk6FCT6IZ9bAstA3fVipSfUeGey4o+:70iSk2RIZ9MsmNqVU","tlshash":"3d62b644b2416772d3df60adc89b050ea9bbba186d05289c763bc9c98d74f0c70bfa75","size":14887,"data":"","first_seen":"2023-03-11T09:44:15Z","last_seen":"2026-05-31T01:11:58.888393Z","times_seen":2001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"172.67.158.62","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d3fb31fc4a0b37980210c57f2698989d","sha1":"82a161b3a63cf0d5a5b37e9eacdfaf298bcbb55b","sha256":"45200934a32157fcedfec503f25c156ed7a19df9a9538269e7848ad8f1adc936","sha512":"69f23736f39a72a620c7ee834ab1745e31b0289d9724365899af60148af4a28c26c7f2bfd64649776390a2301775e2c5be863604d3c932f264eaf572f0c2b3e7","ssdeep":"","tlshash":"0fe0a330f14849201040c569f274c41110b2ca85dc2aed30f38db818f830989c1b7df7","size":408,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-31T01:18:32.618735Z","times_seen":15511,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/3b5827442b2bd5d41ebff60b234c929f.js?ver=c929f","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1216b4be0933c8af46274854de21ac9c","sha1":"a77f01a150c8d534406ba1d54d00af33d7372abd","sha256":"174c79e9b08a882180cfd6b6f19c6f6cc94573134b6543b163c43b87ba06cd37","sha512":"a51c9613f108bfd3d09904a3d793ea57daf0e852374b719dec72ffb772045840a6f7e3b285d4b4103ef0b95decab6c32ec8d7815a7d94a95c3a7ea76d2131d8b","ssdeep":"","tlshash":"c710000000300000000000000000000000300000000000000000000000000000003000","size":2,"data":"","first_seen":"2023-03-07T13:10:56Z","last_seen":"2026-05-31T00:25:23.825798Z","times_seen":1415,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-includes/js/jquery/jquery.min.js","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-05-31T02:02:13.202497Z","times_seen":875392,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9820dd1581c176d3ed694c27c17c90a","sha1":"0ff123fbfccede0a2e35a0e96a7fd9d6407bfd91","sha256":"c1abb1c5dfd238fe28fdfd930789c1ced9b5fe35d4d05a1e48b23280afe64e71","sha512":"f47fb6c97d71f5b67d771a39ab68845a320dca6a94047a4da252b8cd4ec72707df60cb411e7c43a6b7dde516d212146ac93879b687095ec110fe94bd75f964dc","ssdeep":"1536:Z/0mlwxaL/hxVzKXUlTAvw3J12/tqD18+AcJQVlxdz9+rdK0:Wmlz3JZt6w","tlshash":"a923635eb2413a3941cff1a7622f464ea273206d140181acf8a9ecd65db9c8d743bf79","size":49912,"data":"","first_seen":"2024-06-20T14:33:15Z","last_seen":"2026-05-31T00:25:19.46419Z","times_seen":17249,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2026/05/kuwin-mobile-banner-2026.png","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/kuwin-mobile-banner-2026.png HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:42 GMT\r\netag: \"11b40b-6a043b06-16bd9;;;\"\r\nlast-modified: Wed, 13 May 2026 08:49:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 1160203\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4aeP%2FNNmhj6ducl5aggBldKTiFVstSOKn7qhiBhavd6fjHRv%2F9hQGUHv3gHXLHl2OsHj6GJKdtsKfYKZVC3FR%2BWzqH4vCLP1ObL7tS8biZa8Lfg%2Bv8RDLjGD3kEQEQfO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681a56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1160203,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced","md5":"28a65401783c6d5b9ec7eec27a9970b9","sha1":"91d82389846e6f73ab717173437623a23ff5852a","sha256":"abdc882c5cc98bdfac15a4e9a9acfd1b8a637152aa8223dc5a3233beaa05ab15","sha512":"d5e5f634f9c661cb00e28027f56ae3d899e9493977babca106438af405335552cfc843d35535e62555ef3b363bb96836da7cc7db62f0a4f4c95041259b96048a","ssdeep":"24576:fK7KZSMEw9BqoeNZXXOWi+FKNBtHV2GzBt5kuVWc11Ie+ZKpCYouI:fK81Ew9BENFXOW9F2BtH7t5kusc11sMW","tlshash":"432533c2b60e02c3fa129dbc7f8854fb37e5e562c160cadd5af99b45b906d207da5b00","first_seen":"2026-05-30T17:53:12.135009Z","last_seen":"2026-05-30T17:53:12.135009Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":707,"receive":1416,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:49.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"c2f8-682c79d5-83c83;br\"\r\nlast-modified: Tue, 20 May 2025 12:47:17 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 12877\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:49 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=23hON3ZBosZHlvXbckxJsAhe8Otl7s3b4K2zQKV1GOvCNfyW1cNDTdrxEdjHI6oMs4i0ptJ8Rjp7fVnACAAciUELgUHtitulHsv%2B1CjmWUicnxt6JoVPga4QZItwlFq4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f984329cc56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49912,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (49912), with no line terminators","md5":"a9820dd1581c176d3ed694c27c17c90a","sha1":"0ff123fbfccede0a2e35a0e96a7fd9d6407bfd91","sha256":"c1abb1c5dfd238fe28fdfd930789c1ced9b5fe35d4d05a1e48b23280afe64e71","sha512":"f47fb6c97d71f5b67d771a39ab68845a320dca6a94047a4da252b8cd4ec72707df60cb411e7c43a6b7dde516d212146ac93879b687095ec110fe94bd75f964dc","ssdeep":"1536:Z/0mlwxaL/hxVzKXUlTAvw3J12/tqD18+AcJQVlxdz9+rdK0:Wmlz3JZt6w","tlshash":"a923635eb2413a3941cff1a7622f464ea273206d140181acf8a9ecd65db9c8d743bf79","first_seen":"2024-06-20T14:33:15Z","last_seen":"2026-05-31T00:25:19.46419Z","times_seen":17249,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/dangnhap.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/dangnhap.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/dangky.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/dangky.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/gioi-thieu-kuwin.jpg.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/gioi-thieu-kuwin.jpg.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-includes/js/jquery/jquery.min.js","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"15601-6a03127d-849a3;br\"\r\nlast-modified: Tue, 12 May 2026 11:43:57 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 29597\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aAFK60ZPegi4Pt7s4wu37fbx1MOZkrcrB%2FFbQi%2Fub4tNLewoI4r7j6qIhYLGHaK%2BjetcgE0VhlliPBdxfhrq%2BvHnGUwTjBHh3ja7m7h0EI9ueIXAJRfQHzCCIWisLm2z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681456af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-05-31T02:02:13.202497Z","times_seen":875392,"resource_available":true,"data":null}},"time_used":957,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":955,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-QV31QZ8FJ9","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.1.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:51:35 GMT","end":"Thu, 30 Jul 2026 15:51:34 GMT"},"fingerprint":{"sha1":"4F:F6:A0:5C:88:9C:38:C1:57:D2:C2:16:50:CD:79:E3:67:50:CC:B0","sha256":"93:D6:F4:89:DB:C5:7B:E8:C8:73:F7:36:40:1B:87:32:83:AA:3F:54:8B:26:97:45:83:DB:E6:BF:FD:F5:70:33"}}},"request":{"raw":"GET /gtag/js?id=G-QV31QZ8FJ9 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nexpires: Sat, 30 May 2026 17:52:46 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 157378\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":475443,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"5e0fc8cd154e152f1ccd33cb7b8196b6","sha1":"0ff201c20e191b5f02574ebcbcd59c49190e5a31","sha256":"2e241e3e5deed8a55caaee85a44467f2574d0e939a9301488282d965774fa7bd","sha512":"48618d97c6450f6b21752f5c9beb69a5f1fad2f649c988f1629ee204d152fa0f02af601d9b5c29501091fa6820183726eaa4c7859075d97aaf5c7e07a1f41197","ssdeep":"6144:5VXRfDNalVf36lwSXbDQCtEhuX7aWCBbn95ma5V/Qo+:HWlVf36RDQZ75xl+","tlshash":"cca4e9cdb3d674625396f478503f018ba57b28e2b44cc89ab189cce42e7469a4277f7c","first_seen":"2026-05-30T17:53:12.137835Z","last_seen":"2026-05-30T17:53:12.137835Z","times_seen":1,"resource_available":true,"data":null}},"time_used":599,"timings":{"blocked":224,"dns":0,"connect":32,"send":0,"wait":50,"receive":87,"ssl":203},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/dangky.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/dangky.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"1f62-689dcf16-86640;;;\"\r\nlast-modified: Thu, 14 Aug 2025 11:57:10 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8034\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:48 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=le0azzmflqcyfRk3hLBB6KW%2F%2FOH2Qd%2FMXMU31SCZm%2FUsdw36OYXAUis4GO7YuKHLOcu%2BPcRBU1p%2F9o%2BxrwNQiFNrQBdYkc6QF6EDXL0m%2BRldVHdc7HEAKYZfDYH8CzxB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f9840b9a256af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8034,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"29e656358926789a78d359b64ea62443","sha1":"39f8f9613aa6cfd16c3e6421cb68a859334359b4","sha256":"40d2ada663b8db8870d7917bbd2fc6686f98de92ef981de8421fa6c15469746f","sha512":"a465679d472c80e1d9d8df49c08ed6c784d1805d8b3b0769c808908e39d2ad6f88d79ab65fe792b784da2fd142bab51c2f446df1062167e285be47ae64560407","ssdeep":"192:SMGhVcU40KqAIjp9nwoWalvCNTUZcb3a9S4larRF:7qVcU40KEjcbTjqUIatF","tlshash":"1ef19f45b6c926be12cb2431255aed9cbb70f852223afdbbd30c61279c61889da102d7","first_seen":"2026-05-30T17:53:12.138774Z","last_seen":"2026-05-30T17:53:12.138774Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/ruttien.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/ruttien.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"1d10-689dcf0d-865d9;;;\"\r\nlast-modified: Thu, 14 Aug 2025 11:57:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7440\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:48 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qbxIBa%2FZXtURP3KHIesEPfHVMNoqGXAbgJ1jv%2FLlN7SbtFeQnsoNQ1Z0yDRLsbVKFQAvYBM1CYk5BlyF1YKvZDm8DV5DBd5UHaopDDsy6Tu%2BceLdZDRJA7RY1o6nCzmF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f9840b9a456af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7440,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4431cf0ab3bfa8a546723805e2be2101","sha1":"b0451d788fe7f42fc6dd1b454832d899226ee516","sha256":"d8cdbcc3a6434231cf80b91a5fc5187c03d09895fb960ff8922e9f640b1ea20f","sha512":"7b85a4e2106a2ccb04abb10757e2b17f9edad6b7dd8038a918c22c9022eb8554f311137e94e120a83adf7c1cd48b0cc5288e803a38da6b34da5f1ac0d409bbe7","ssdeep":"192:QXVzjJXoISSZED/LU/ZEMwWIgx4IOHh5kZ5V2:WP/hZILU/ZEip4IOH3kZy","tlshash":"bee1ae3a2fb53cc3a389812c17afb7a9cd021661aaf4f81c0d9d271e5b54045bc3249d","first_seen":"2026-05-30T17:53:12.139827Z","last_seen":"2026-05-30T17:53:12.139827Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/kuwin.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/kuwin.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"9e6-682c7d34-86661;;;\"\r\nlast-modified: Tue, 20 May 2025 13:01:40 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2534\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:45 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 0\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8fOfM3gP%2F3yudMiqfpoiw8%2Bi%2FKlliKXuAaezzWCVLdjHLGGXhayybNuuhyRL%2FNjRfq8TET9iPCgvXGwJmR%2BqDhrFKlsOSOF7eJc8j5jX4LLy6grlZwyhVfflSBrvtbFn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681756af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2534,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"050831f05ffca986dfc341349a29a4ad","sha1":"058e35c1a6f31f736844cc737ca347cb949fccd9","sha256":"0c36c1703e69515fbadbe263227b12243d53eb4dd43790b625e82248c531beee","sha512":"3716973546067cfcf84e020c4d8203a4851031b1b7b3e3e672ca1aa69bdf8ec553478cbd186d82335104f06578f805c19a1e0852647d4ef7e66c57d2b2586efd","ssdeep":"","tlshash":"6b514a94482080b5b0a9953d8ff3d258cc89bf8b7eb91d2a4e072cbb802915075236ba","first_seen":"2026-05-16T04:26:49.826384Z","last_seen":"2026-05-30T17:53:12.140901Z","times_seen":4,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/AnyConv.com__kuwin-3-1536x360.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/AnyConv.com__kuwin-3-1536x360.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"ff0e-682d9359-865b2;;;\"\r\nlast-modified: Wed, 21 May 2025 08:48:25 GMT\r\ncontent-type: image/webp\r\ncontent-length: 65294\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:45 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 0\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4iBKU7TvINsJmDxkdVOSZ1ggO%2Bvow%2Ff%2BjwVHDMBJWHorj%2FWFLJDAzHQ8IgBb%2BOSiwpW53GqC2VSJKXpPpNB5DhBJlYkOb9ilQGRMp2P%2BbCzwikUz1X2NB2qa61%2Flm104\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681856af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65294,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1536x360, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"29938462debbf696d6a3658a5c9ca0e2","sha1":"bfbec91a0d6ebf0316aa480c3a732f1c79f81663","sha256":"ce320ad6351bef9975b9e2826b8160cd85ddd7e7034ac861aa5905ef34066c85","sha512":"5f573ae7799a89ecd48e37c7b80590d53e9b12001d82c1994d39156abe66c495db2fa682466d01d4552840add95574db73a2409a6020289e69f9db74a65845cb","ssdeep":"768:k5oNDP66WiucFkZMBXX8Rgj7NLaK1W+KJGjE5v0iuAoo4wxpDrZvawNNMMQZmEgS:PNuxncqMRXK8qGNAXxpDZauMMQMEpkS","tlshash":"fc5302100666263738569fecb4db70c947f03fa6a66e6efcb094b25b4c8dda74172c90","first_seen":"2026-05-30T17:53:12.141982Z","last_seen":"2026-05-30T17:53:12.141982Z","times_seen":1,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/a2ff28f4a2d9d7f9cb7690dd973f2e3e.js?ver=f2e3e","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/litespeed/js/a2ff28f4a2d9d7f9cb7690dd973f2e3e.js?ver=f2e3e HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"5dd-6a1b23e9-8ae9a;br\"\r\nlast-modified: Sat, 30 May 2026 17:52:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 670\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8%2B63%2B%2FfCvvvc8fpEpB7zaJrsoashc1kJK6FytaWs%2BdCPoLN6bu84eNurDs84vgH8ApujUSBw9IDTmVBUbj2zPPdAc%2FKbCHv%2B%2BRaLgMl4VLwVDdUVNQh0YeXz1Tc%2B6jvR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681d56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1501,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1464)","md5":"978a43bd88496a5dda55facfeba3bd72","sha1":"f760f14bc39e5a311d688e50ae5cf7ff212fbc67","sha256":"24ed39530db793490d923646b842024bc23ee28da63aaef2c6a2c37418993799","sha512":"c3ef3baa450e1caa889c8420ed096d5e4f3265f1a3bcb7cdd6dbb3973e1d9e0fc07ef5b408037c239bfe8f642baf7b94deb8415da6b95cb0da5ca8a382a37b7e","ssdeep":"","tlshash":"2331308e7b5264440392c260e13e88ad773b687b700c0e897b70bcd93ee5e2c56519ad","first_seen":"2023-03-07T14:00:10Z","last_seen":"2026-05-31T01:11:58.820218Z","times_seen":2196,"resource_available":true,"data":null}},"time_used":755,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":755,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/css/e40bbe5c71f290815327d6c91f56a7a5.css?ver=6a7a5","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/litespeed/css/e40bbe5c71f290815327d6c91f56a7a5.css?ver=6a7a5 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:42 GMT\r\netag: \"0-6a1b23e9-8ae8c;;;\"\r\nlast-modified: Sat, 30 May 2026 17:52:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 0\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:48 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O4BPWL3XDhnOp6bTxg0Z5%2FXR%2FY8ioFAmutCDBe6CufdmF7SjDOawBwrp8%2BtK4LUFIeJiK%2B%2Bjw7a7oiZTqn%2FfMo5n8WQhrwE56lwA0wSS63Zzdl9T4ZfwIUxg%2FNFk6Pez\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e581356af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":2748,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2748,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:40 GMT\r\netag: \"1d88-682c79d5-83d22;;;\"\r\nlast-modified: Tue, 20 May 2025 12:47:17 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 7560\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:48 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 4\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p8Jr5hJGOWjgKStynTUC%2BvEB%2Fkt4z7kEne6MUOQ2%2B6h7GDRYqU3MsMGw0kSWqLNNSziDwI4G3VFrKJDIcrus40ey%2BJUhz1x1e8pWFx9iN0NLyg2YWSFUWzn%2FyLIyuy%2Fz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f9840799e56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7560,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7560, version 1.0","md5":"7db70d75ed20d444c694d6aad85ce18b","sha1":"01d64f5ed7777e34c148c83595b877d0f6272d4b","sha256":"3c5b7d55b56f4bdee9e362078497694a9605b716868eb907b7e9c39bc5b5b9cc","sha512":"ad05e1701fe81d050b8db6574c28d9ce9c12242fb4cf4d6d4c5746829574ac2b38029cccb255d21c4b0c2d60d73854894c5043245c3ccd733017b60d1ff361a4","ssdeep":"192:mdZdmp7xgnbaRx9fo1JQrUo2Vfah48R+Q/BE99D5q7PKJ4:+ZYpsbaRxphAYhbRD/BE99Ep","tlshash":"faf1afddfd527b7bd2d1d126394007c838cad44919901cc2aaaf2f2933a3c569db27ad","first_seen":"2024-06-20T14:33:16Z","last_seen":"2026-05-31T01:10:15.614463Z","times_seen":19776,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:40 GMT\r\netag: \"1d88-682c79d5-83d22;;;\"\r\nlast-modified: Tue, 20 May 2025 12:47:17 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 7560\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:44 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UO6OObVacLhJ5nde8npsbL0zkKsNeUyqngLhQqMPqwJio1FTzM9mMbR5KYeF8s78PWGQlxq2yfNPgTkv6vfMnKMNTUUxZcwZhrSLYy0BE1qhI4BmEZF82Wy3oAT5yowB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f9823befa5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7560,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7560, version 1.0","md5":"7db70d75ed20d444c694d6aad85ce18b","sha1":"01d64f5ed7777e34c148c83595b877d0f6272d4b","sha256":"3c5b7d55b56f4bdee9e362078497694a9605b716868eb907b7e9c39bc5b5b9cc","sha512":"ad05e1701fe81d050b8db6574c28d9ce9c12242fb4cf4d6d4c5746829574ac2b38029cccb255d21c4b0c2d60d73854894c5043245c3ccd733017b60d1ff361a4","ssdeep":"192:mdZdmp7xgnbaRx9fo1JQrUo2Vfah48R+Q/BE99D5q7PKJ4:+ZYpsbaRxphAYhbRD/BE99Ep","tlshash":"faf1afddfd527b7bd2d1d126394007c838cad44919901cc2aaaf2f2933a3c569db27ad","first_seen":"2024-06-20T14:33:16Z","last_seen":"2026-05-31T01:10:15.614463Z","times_seen":19776,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":249,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/AnyConv.com__kuwin-3-1536x360.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/AnyConv.com__kuwin-3-1536x360.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:49.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"c2f8-682c79d5-83c83;br\"\r\nlast-modified: Tue, 20 May 2025 12:47:17 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 12877\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:49 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CZIa0OXP2t2exAGaRRMBcqpRceTj0m%2BL3HU2CrZcZ%2BeXBWfU8NyL3SkjkUt51RyKfObsYt0Rv%2F%2Bvqipia25hMVjn6dsqCTrnVJrfC0TDVhZZEotf8Z5kQvQY5ZI%2BxieG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f984259c056af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49912,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (49912), with no line terminators","md5":"a9820dd1581c176d3ed694c27c17c90a","sha1":"0ff123fbfccede0a2e35a0e96a7fd9d6407bfd91","sha256":"c1abb1c5dfd238fe28fdfd930789c1ced9b5fe35d4d05a1e48b23280afe64e71","sha512":"f47fb6c97d71f5b67d771a39ab68845a320dca6a94047a4da252b8cd4ec72707df60cb411e7c43a6b7dde516d212146ac93879b687095ec110fe94bd75f964dc","ssdeep":"1536:Z/0mlwxaL/hxVzKXUlTAvw3J12/tqD18+AcJQVlxdz9+rdK0:Wmlz3JZt6w","tlshash":"a923635eb2413a3941cff1a7622f464ea273206d140181acf8a9ecd65db9c8d743bf79","first_seen":"2024-06-20T14:33:15Z","last_seen":"2026-05-31T00:25:19.46419Z","times_seen":17249,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:43.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Mon, 01 Jun 2026 17:52:43 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eXmQW%2B77sFawu4zUtxWrRUYGQrZA0NwT0zYukL9LYVxNluATszDWmuu2XnqZ59FzA3OICmpLfFpiQATYoq1KulLbIq57YWa5Iy6mFuNkJSRJl2wSaBvB2ExCGjszzINS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-xss-protection: 1; mode=block\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Sat, 30 May 2026 17:52:43 GMT\r\ncf-ray: a03f981d1d4e5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-31T02:00:53.771207Z","times_seen":355668,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/taiapp.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/taiapp.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/3b5827442b2bd5d41ebff60b234c929f.js?ver=c929f","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/litespeed/js/3b5827442b2bd5d41ebff60b234c929f.js?ver=c929f HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"2-6a1b23e9-8ae98;;;\"\r\nlast-modified: Sat, 30 May 2026 17:52:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1wdRgQb6cf%2F4wUXPdtdmQQFMmG5n598Oyj83TkLQxV79GhWxPsGlpm6hp9ac7sG6u9wh2CrpS7K7ZUfiNmOb%2BDJ5C%2FlLMU9jM5%2F8tgpDeNi9an%2FWcKSfT7FxHTNxmjrg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681656af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"1216b4be0933c8af46274854de21ac9c","sha1":"a77f01a150c8d534406ba1d54d00af33d7372abd","sha256":"174c79e9b08a882180cfd6b6f19c6f6cc94573134b6543b163c43b87ba06cd37","sha512":"a51c9613f108bfd3d09904a3d793ea57daf0e852374b719dec72ffb772045840a6f7e3b285d4b4103ef0b95decab6c32ec8d7815a7d94a95c3a7ea76d2131d8b","ssdeep":"","tlshash":"c710000000300000000000000000000000300000000000000000000000000000003000","first_seen":"2023-03-07T13:10:56Z","last_seen":"2026-05-31T00:25:23.825798Z","times_seen":1415,"resource_available":true,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/dangnhap.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/dangnhap.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"1c7e-689dcf13-864b8;;;\"\r\nlast-modified: Thu, 14 Aug 2025 11:57:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7294\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:48 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e5RBdmkY15%2BkaiHHnsVtS618MOEhuhE%2BRUsfs2xxw8ft1aSaNrKi%2FMwukGzCG8ILzdZJluax16mHjtlXmn5vLAnMtTiKMxhwdTcsUmejDjMipXtZ5ncoMl%2Fp9t47McOi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f9840b9a556af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7294,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5f50376c08981defad1358b5933fa9d2","sha1":"a1b632d24b3efaa6d926be9d9df3614e2d0c9058","sha256":"177e73bc0ac1ee16fe412f2a20cc46c7761b0ea62777c78bf7eb21c9b4324c21","sha512":"fab27538fb4b60a0313b502ff2daf9798b07e5db869b606d77d06185baaa3329ae6e800e168a7a2a917e0d480b62fecf4529685edc2b91f1ac27bf86b48474d0","ssdeep":"192:W8UuKzNB4qni+TK9MqzoBE7Hbm55lW5TuPnfh61GuY+fn:LwflFmOqoCuk5yB61jDn","tlshash":"60e1aed0a3959bbd818f17300b0935e23cc88d9e515ae36792d87880ab845c3f74e781","first_seen":"2026-05-30T17:53:12.145222Z","last_seen":"2026-05-30T17:53:12.145222Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/naptien.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/naptien.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"2be6-689dcf10-8661d;;;\"\r\nlast-modified: Thu, 14 Aug 2025 11:57:04 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11238\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:48 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zgiCxF54dWphuuP2a6KFItmkP1iJjprK327vw%2BtHBrbHa3%2B%2BO5bY%2BUFdAIN84NepOT%2Boh%2BEpLMwaLOZOvGZGjENcrKaKsEyk%2Fa0v1DA6hu8QZWECQlV%2BPKqvAdbMzNE1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f9840b9a356af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11238,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0ac6d2b6202b68d37a835ee4504e8d3a","sha1":"d1c6f262560a1a0a21ec43ba1b4b7e69c95e790d","sha256":"18c758f9ea07699b0da60ea7fbaba046f723da30deb8849d59ebed4326d7d7f7","sha512":"5c99afb2a6fda14325a7f85d0a8a37c751c5e6863f7cd6a679c41e7fb5f5947991844b0bc81b2cd119fd2e9ae906cf6e57ff9aca8f081a89e13c18d14960b6ed","ssdeep":"192:EDdIIrzoWvnkG0Uk3w2ExCaJIn96PeI2pGq1ip+jNhDgLfYoxgBFBVO8O1eoJgrI:iXo61Hk33Ex5+YPeI4GqieiRgSKoJgte","tlshash":"1a32bff4810329e80176cb1a165f728fe859468f2c8b16e9bb2e5435d8c51c9318cbf3","first_seen":"2026-05-30T17:53:12.146122Z","last_seen":"2026-05-30T17:53:12.146122Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/gioi-thieu-kuwin.jpg.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/gioi-thieu-kuwin.jpg.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"8b9e-689dce6c-866d2;;;\"\r\nlast-modified: Thu, 14 Aug 2025 11:54:20 GMT\r\ncontent-type: image/webp\r\ncontent-length: 35742\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:48 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S6p6H%2BW3d6PvmzMsR2sxW%2FD2IuHeatbyff30UV66pO%2BDMzAlkwkTaPzPi174ZoNvwlB7muugwL1ioNGeoUAmvTU6n%2Bn3W1eINptxgz0Zt%2FZztNUtVewptJ%2FDPMrGNtXV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f9840b9a756af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35742,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 800x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ff41e88768b801e4b991e0d217ffc705","sha1":"4e2035b719ef71c56b17dcadff4605735366f8e6","sha256":"bc5349526d071fce47e80e503edd77ef8bec26a5484c1268070569f6043eeeb2","sha512":"07868ced345fe2c4941656b3cb3c929b3fd6f03c1ff58f6090a8666bb1b6d76317fd75f0f79d8e9328618461f4db11b1e671cb6a12150729971a0e075abf7531","ssdeep":"768:8Zee8+6nRhdiEoF0oyjNjdyP3u+X78hFIdRe1r5GZYyZ5KCeY2Ytts:2evhnjIEoCtMP3p7MIa1rEZY25KGtO","tlshash":"aff201e656f4f443f4f16e92f5f5b8168892a4e29d79fe8a2aeb10870e41735394401c","first_seen":"2026-05-30T17:53:12.147172Z","last_seen":"2026-05-30T17:53:12.147172Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8e60d746741250b4dd4e","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:49.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=8e60d746741250b4dd4e HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"ce7b-682c79d5-83c81;br\"\r\nlast-modified: Tue, 20 May 2025 12:47:17 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 15900\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:49 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lovIguF9%2B%2BOgddb2eN8zhLkQBWUB7NvnJuuzaGbNUwIv7rNv4p3kNg7XeqQ%2BkF0Zu%2Bv8v%2F%2F6Q245yZ2UpbIExlZfowgBc2ybU4N3%2FIoyE70gkhRuqeNWPZtD%2BpWcIgOk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f984329cb56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52859,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52859), with no line terminators","md5":"e4255cbc3ddf1c27dacbd4860b3782c3","sha1":"fa17cf43be7ad4814efc774f8f9d8a6a9a5c8221","sha256":"10d17b852c0a0ab3de4638a2b0fcaee7ed4632a04fb126d388e871bffd0d0854","sha512":"e1dd1119f545c4c2ff24eb34ea1c0ec902abfab92b35abfe75a382ab7af5c065b88ad021b7a0d57ca31a839588e1fa4d485bfd3c59011c34d0057ac94b66cfbb","ssdeep":"1536:IfDJqH5NQ8kNSqcp1U8EtmoYrNqK7kSBed3ZRm:MoxjUvkesedy","tlshash":"1133e728729070fd01ff61a7f13fa32432376565b0064054b53d98fa2d6ad5e26a3fba","first_seen":"2024-07-13T11:25:57Z","last_seen":"2026-05-31T00:25:19.456936Z","times_seen":4440,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/css/7e4b5160fdf93a6e8e23ba0c26c5609e.css?ver=ce4b8","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:43.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/litespeed/css/7e4b5160fdf93a6e8e23ba0c26c5609e.css?ver=ce4b8 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:40 GMT\r\netag: \"251e2-6a03496b-867d9;br\"\r\nlast-modified: Tue, 12 May 2026 15:38:19 GMT\r\ncontent-type: text/css\r\ncontent-length: 27977\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:44 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nL9LR9%2FJo44kYcnKq3s3cqu6D58xx3TJihfCT2GfjW82bnwK70%2ByCo5A86%2BBWB58o6TcanlbMOtH5MP6zvUNLTT0H6VhS0FDoOtAXYZ3zbpB%2BAr39qGcV%2B1YRbkdn%2FkE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f981d1d4d5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":152034,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7e4b5160fdf93a6e8e23ba0c26c5609e","sha1":"0ee556270da660de6be67ea7480d248902c3dec4","sha256":"5f8c0d3285b1c11af5fdb60557fad15ff19aa33f98ceb00289b38c5285c7a1e7","sha512":"c29965e92bcd1f7d78a141007391792efca89a80026e0d4a701f46b77f22d786eb8d158f3b770136961111b0a996852b354634a7f492c2b33a13c62e0a1c73ce","ssdeep":"3072:5q5/32yTXYK8Jm1LqCYDses90dOeLWo0EADT+1zeckhNV3d:ces90dOeLWo0EADT+1zeckhNV3d","tlshash":"c2e32b52f384242ca51b8219d5c4fa7cb23d91a1e7624afbf0679a2dc7cb6d90133e4d","first_seen":"2025-06-20T17:44:24.476056Z","last_seen":"2026-05-30T17:53:12.148791Z","times_seen":208,"resource_available":false,"data":null}},"time_used":1017,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1012,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kuwinsite.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29392\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 24 May 2026 10:06:40 GMT\r\nexpires: Mon, 24 May 2027 10:06:40 GMT\r\ncache-control: public, max-age=31536000\r\nage: 546368\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29392,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29392, version 1.0","md5":"a6323dda0842401b2923554d0ed8945f","sha1":"6a5e89b2f9b47f5a2fb11831479c02b4eebe3089","sha256":"cedb374b05a35034cf96db185db4eeb8f8ce49e1a56197673702ff11b5533d6e","sha512":"6fe8df13c6dbc738b1cfd40c14bda19dca6114b3a4f521ff46fa7ebe25f6ce11046b7d41c1a8528d2294afea5a1c985ff43db37a2de028c1fb61b7197210dac1","ssdeep":"384:Wz9Te6aaq6lpCaascbVjmWd8NifWrHJi9grlYlMl1EfUxFvskjZAFWiMhv4K6Nb2:u9jN2bVjmWQFqgskSWiVK6NbKd","tlshash":"65d2f15cb579c636a098e4b70df5e3bf9599cb39224b9b288341c0385aa3941e442b97","first_seen":"2026-02-19T22:46:38.271285Z","last_seen":"2026-05-31T01:10:15.560115Z","times_seen":9223,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":118,"dns":0,"connect":29,"send":0,"wait":29,"receive":7,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/favicon.ico","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:49.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/favicon.ico HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:46 GMT\r\netag: \"e8be-682c7d7b-8671a;br\"\r\nlast-modified: Tue, 20 May 2025 13:02:51 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 6628\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:49 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=6,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZpMND3oahip55uApZSSzFc%2BdDj0whk2wB4qINtghMRnxLKsJEyCduBGd6EDucsxhE2EljOhqwl5%2FUwUqvih7D9PtC5HrOFY1coi5Nx%2BwmgsoaPZqsukWhbp0Etk1gAHE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f984269c356af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59582,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 120x120, 32 bits/pixel","md5":"8a1265203a11814bf14ac7b8907fb222","sha1":"e5a2a73317b962a8af4566b04d3f68a2f12d1d3e","sha256":"c1c370ee0abb9486d64dc0176b0e8b8a79255b5d8b270f84dbd2a121b78463f9","sha512":"7a2c1326239682a616590c2980a9e521a9fc55be43cdd13fb678a0be14a4ac335f133971bd6dc1f3dd3f15042333d6c2b47f0f0f6c287083a6d70a756bf0d91f","ssdeep":"192:DavJHb7otjfdrMpNEZ2h7+f69lAaNNNNNpNNNNNNNNNYQjgTMlvfnzz2:DaJ7oxfdorhh7+UANQ0wlXzz2","tlshash":"64432052148491e1d3913a30f06ac8b71f2a9d2dbcadae475de9ba0d37b32c1117f0a9","first_seen":"2025-07-25T06:34:39.794385Z","last_seen":"2026-05-30T17:53:12.149996Z","times_seen":226,"resource_available":false,"data":null}},"time_used":779,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":779,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Mon, 01 Jun 2026 17:52:45 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vXtmvYLR7y%2BiEwULm4y%2BrijTT8KcngmDfBH%2BTve8lx4elGbW6XqXly2Vhixj7NrbzeYjFX9dc%2FB9n726CBtlUI1HTt34jE2HyK1niR2%2BckZ1Ocif%2BB%2FGRe2wPhW4icpK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-xss-protection: 1; mode=block\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Sat, 30 May 2026 17:52:45 GMT\r\ncf-ray: a03f982e681b56af-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-31T02:00:53.771207Z","times_seen":355668,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kuwinsite.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 10:17:38 GMT\r\nexpires: Fri, 28 May 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 200110\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-05-31T02:05:58.107543Z","times_seen":169661,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":126,"dns":8,"connect":15,"send":0,"wait":16,"receive":20,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3OUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3OUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kuwinsite.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14340\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 24 May 2026 10:09:08 GMT\r\nexpires: Mon, 24 May 2027 10:09:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 546220\r\nlast-modified: Wed, 18 Feb 2026 19:51:46 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14340,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14340, version 1.0","md5":"3860f0d8108ecb52fb8d95248475c0f7","sha1":"ea12964a22c83d28a3afb1c29ad45ee75e7e2d52","sha256":"0b60bbe04e9c479444b31270a72179f53e400beee57b7dd176c08e5e2e716831","sha512":"51efa4c2f86eed9958227d7a87fb08eb795cd478e4889e63cf40ebcc1f199990fdaf79b64310d4698f1459eb913965b399833a9bac7b62fac78eefe9a3711703","ssdeep":"384:4V1aTNugYTIPM493neccqcvNCfsM+Qzvimq:4V1aT1+IP3nGOfsMwf","tlshash":"5852d0b6a2acc754f41af5b4b180abb8048b2302c591f1e95b18dc795a53534cfbcb46","first_seen":"2026-02-20T00:45:13.010169Z","last_seen":"2026-05-31T01:10:15.573354Z","times_seen":2743,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":128,"dns":0,"connect":31,"send":0,"wait":27,"receive":3,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/favicon.ico","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:49.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/favicon.ico HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:46 GMT\r\netag: \"e8be-682c7d7b-8671a;br\"\r\nlast-modified: Tue, 20 May 2025 13:02:51 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 6628\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:49 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 0\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=6,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PgWq1qnzv7myelwzqQ8n07xT61pZuxOBbnxoQMZsQHQ7bcI2ILbBkUeIJa%2FFQBnsAoyWWw9vPvUHhtKpDFJVUv1lunWzPYzPN%2BSrqKxXMLZKy%2F5Le9nFd1iW2ikmEiPs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f984269c256af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59582,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 120x120, 32 bits/pixel","md5":"8a1265203a11814bf14ac7b8907fb222","sha1":"e5a2a73317b962a8af4566b04d3f68a2f12d1d3e","sha256":"c1c370ee0abb9486d64dc0176b0e8b8a79255b5d8b270f84dbd2a121b78463f9","sha512":"7a2c1326239682a616590c2980a9e521a9fc55be43cdd13fb678a0be14a4ac335f133971bd6dc1f3dd3f15042333d6c2b47f0f0f6c287083a6d70a756bf0d91f","ssdeep":"192:DavJHb7otjfdrMpNEZ2h7+f69lAaNNNNNpNNNNNNNNNYQjgTMlvfnzz2:DaJ7oxfdorhh7+UANQ0wlXzz2","tlshash":"64432052148491e1d3913a30f06ac8b71f2a9d2dbcadae475de9ba0d37b32c1117f0a9","first_seen":"2025-07-25T06:34:39.794385Z","last_seen":"2026-05-30T17:53:12.149996Z","times_seen":226,"resource_available":false,"data":null}},"time_used":779,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":779,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/css/5ab0117c49d575959630fff25cd65123.css?ver=65123","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/litespeed/css/5ab0117c49d575959630fff25cd65123.css?ver=65123 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:42 GMT\r\netag: \"251e2-6a1b23e9-8ae87;br\"\r\nlast-modified: Sat, 30 May 2026 17:52:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 27977\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yQqaT%2BQYPxiCYpx9dgryw4pG41%2B7FfpkCxo97Qhbgdw4IW8bc8X1TLHBViEiI7qDcSsdwoTF0LDOT1r0hkjbi4BybCJI52ZZ8dg73A9e6zYO2wbPqB6fiaDqd41pbOqr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e581256af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":152034,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7e4b5160fdf93a6e8e23ba0c26c5609e","sha1":"0ee556270da660de6be67ea7480d248902c3dec4","sha256":"5f8c0d3285b1c11af5fdb60557fad15ff19aa33f98ceb00289b38c5285c7a1e7","sha512":"c29965e92bcd1f7d78a141007391792efca89a80026e0d4a701f46b77f22d786eb8d158f3b770136961111b0a996852b354634a7f492c2b33a13c62e0a1c73ce","ssdeep":"3072:5q5/32yTXYK8Jm1LqCYDses90dOeLWo0EADT+1zeckhNV3d:ces90dOeLWo0EADT+1zeckhNV3d","tlshash":"c2e32b52f384242ca51b8219d5c4fa7cb23d91a1e7624afbf0679a2dc7cb6d90133e4d","first_seen":"2025-06-20T17:44:24.476056Z","last_seen":"2026-05-30T17:53:12.148791Z","times_seen":208,"resource_available":false,"data":null}},"time_used":1055,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1054,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/f4f3f28c7c5e8fc07b0a06642fc642a7.js?ver=642a7","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/litespeed/js/f4f3f28c7c5e8fc07b0a06642fc642a7.js?ver=642a7 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"350a-6a1b23e9-8ae8e;br\"\r\nlast-modified: Sat, 30 May 2026 17:52:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4681\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Px8o%2FSo8Nem7KctmgOGipkTElLjjBq20%2FabAFIubHYzJTX4ZbR7VqNDDh277lOVvGGlmjeQzp%2Bd22Gtrqalh%2FTZp1%2Bm5lzREIQiKO2uGgqQm7cGhJzkQFyR2CDbIONpv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681556af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13578,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"47a628aef2f254c32c3b5878700a42ce","sha1":"43814a498670a432b6a73cc80e67bdc738313ea2","sha256":"ea64f589334f647f2254d595466c036000a3d9150ad078a69eba7f845c0c0713","sha512":"2dad1648412fe67306b86320bc4ba90a681086b4e799528ea9783157fdc1fda64dede2e9e7958d0973156ed3d9084034422ed9c4794bedb5c7b8151917540671","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORl:5rprxaefKI0LP19m4q1WW+h4Mjw","tlshash":"5e52c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-08-09T06:09:09Z","last_seen":"2026-05-31T01:18:32.553985Z","times_seen":12614,"resource_available":true,"data":null}},"time_used":769,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":769,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kuwinsite.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 10:17:38 GMT\r\nexpires: Fri, 28 May 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 200110\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-05-31T02:05:58.107543Z","times_seen":169661,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":248,"dns":0,"connect":33,"send":0,"wait":19,"receive":3,"ssl":226},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/taiapp.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/taiapp.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"225a-689dcf0a-865ed;;;\"\r\nlast-modified: Thu, 14 Aug 2025 11:56:58 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8794\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:48 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 3\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9PSXoJgwBizOuPrVwiaRxvA1drF8Xt8OCeIQK%2F6eMm1Szan%2Bv4vbNZGQyHU6DNfQQy1URF8AoHXpOegPlf8QBG89LU9phNUeEEyKnrT%2Fxp6S7rM4St89UidhqP6pHDaV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f9840b9a656af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8794,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c7484bdb4e2fa2688f0da58414f1dcb7","sha1":"7145ed982636a9e74cde3ef3403fbb2236cbd937","sha256":"c48c6ef627f5f01bcd935387fc6b04e8373e5ec2434eede5d77d0e4a729a343e","sha512":"e7c4fcbba507bdd5be8af3152c73997d82b21afe4019fe487d8b92f123fa773c56cf490990bf7e2f660344699c5a3844424bcf457d125f5a87a8ad9695764ec1","ssdeep":"192:zvLeEx6PhbSVG/24NTNXOEnwoRL9Uz2CO39s2XUMgERd:LLeEGbSVG/24zdLfl3a2hgG","tlshash":"4402b0892dde411ce0e5084babc3e2400d86a9551a53753b3d6370e478c27bc9b797dc","first_seen":"2026-05-30T17:53:12.154391Z","last_seen":"2026-05-30T17:53:12.154391Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"172.67.158.62","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T17:52:44.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=guest_mode%3A1\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 17:52:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-dns-prefetch-control: on\r\nlink: \u003chttps://kuwinsite.ink/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://kuwinsite.ink/wp-json/wp/v2/pages/9\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://kuwinsite.ink/\u003e; rel=shortlink\r\nset-cookie: _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; expires=Mon, 01 Jun 2026 17:52:41 GMT; Max-Age=172800; path=/; secure; HttpOnly\r\nx-litespeed-cache-control: public,max-age=604800\r\nx-litespeed-tag: 93e_front,93e_URL.6666cd76f96956469e7be39d750cc7d9,93e_F,93e_Po.9,93e_PGS,93e_\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aZJ4q%2BNbXUeSSwHhvzCH4zcWtPrVxWgmIvi4df%2FXIv0CmC%2B8WebsZ86UmNIRsSrmEkuB8efG%2BitaqsD2%2F7UbCfGKo9743bGxpzcrNaF7zi0NRP74F62OPdzXGSegw3%2Ba\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\ncontent-encoding: br\r\ncf-ray: a03f9825fa085696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":105791,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11390)","md5":"758d793ed47a4e72f4efe27d3a05a587","sha1":"2eef2257f2f2a13763addc81d28d26029b39a860","sha256":"4de03a8005fee5c405dd78a63cc8e7f2653afe5155178114356d81b830beaeeb","sha512":"bea8182902d24e327acf94ef352a4c6ffcde941ce638d7a2e57a359b9a4b1bd3c37efaea4ed4da0037b599a640b5e2e37605a33fc030e538c7b723f1085ced82","ssdeep":"3072:dmzXKaSjjvn6cKOeZ+ynFME7F8A3xOMz8vz:dcKaSjjv6YeN8vz","tlshash":"8aa3d833408a203f133b89dce2a47b5de2d7920bdb459a8176fc15f88fd1ea14a7264d","first_seen":"2026-05-30T17:53:12.15563Z","last_seen":"2026-05-30T17:53:12.15563Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1346,"timings":{"blocked":12,"dns":2,"connect":1,"send":0,"wait":1307,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:49.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"9bb3-682c79d5-83c82;br\"\r\nlast-modified: Tue, 20 May 2025 12:47:17 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 9684\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:49 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 4\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dv1QD2AydtKLKbXsmMHsghyfXQnz6116JeDWWfK9qVK9dYNZsXy2HDdTbwDSWHX7kuEu2YO%2BmpR%2FgyeLVYkJ1wHnWrBc7ugjcG7cqLWFcGU8cD%2BruQnVmId1lDtbfptB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f984329ce56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39859,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (39859), with no line terminators","md5":"f0edb228c3e837a21d402e0ae2d8b9b9","sha1":"0565eb152f79d2e01fd81241f9a2dd9cae35d895","sha256":"cfe3a9b28aaa89047d6776abd1a2988dd77fce6d86553517715a7a904d3b1501","sha512":"d22c84237d15f40194986f64c2937b4627e24e6c41b18c7810b3f2fb8b989d2c705cc1407de59006cdf6bddf1204647a42eccc23621d7dc73b759f3021976c45","ssdeep":"768:1pk+gInpvUKN7K3TCPHq3U5Hs9Nn1eU6YwlKUqAacA5Ag3KEuP3UtEduE7Hhg566:Uwk3TCPe5wsdAry","tlshash":"7103769af351291246eb62fd6336370f1132812d91c380b4b17c9be91dae507b7b7a6c","first_seen":"2024-07-22T13:08:18Z","last_seen":"2026-05-31T00:25:19.481242Z","times_seen":12136,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:49.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba; _ga_QV31QZ8FJ9=GS2.1.s1780163568$o1$g0$t1780163568$j60$l0$h0; _ga=GA1.1.25261115.1780163569\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"4e48-682c79d5-83c7f;br\"\r\nlast-modified: Tue, 20 May 2025 12:47:17 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 6929\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:49 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 4\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xmBxwSsz86CferZP1TUww%2BgEEiAn71uLuwJGPpOEjAMI2nn7fk6Jahzmmw6gmLIUDHF1NPWQXvyEcGGIFy3xTFLpNycYjYrzI9FPSsZZfwG%2BRPgHfWg5%2FH35scMSsBz6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f984329cd56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20040,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (20040), with no line terminators","md5":"58d197438cf1732de099a835eee1f203","sha1":"ba831d6df4962eea0b97ebfc83a03c2413228bd9","sha256":"da39613cd3084e98f35de15dffc1cbe886d429870c10df549308a23174717be3","sha512":"7e9a87932047a2f22649806584a1f37a5d4682581ac2ee9a1be5b6e3d98ace7d7dc2e75bddf54e952ade22c21dd4a016be9f0a9e843808f14be6a2e57a0cd0ea","ssdeep":"384:CP9kCoixNXe/bDhRSkvRuAoCIKJe5anL/L3LnlqV+g+JdSPR5c3GJxQc:ClNkhH0KA5anLPlqH+aPw3QGc","tlshash":"f592e858f1a2b21783eb75b86d9f240c3b72e512c94bc001765994a86dfde88a127f3c","first_seen":"2024-06-29T16:20:38Z","last_seen":"2026-05-31T00:25:19.483622Z","times_seen":12765,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/ruttien.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/ruttien.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/AnyConv.com__kuwin-2-1536x360.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/AnyConv.com__kuwin-2-1536x360.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=43200\r\nexpires: Sun, 31 May 2026 05:52:41 GMT\r\netag: \"105e2-682d92df-864be;;;\"\r\nlast-modified: Wed, 21 May 2025 08:46:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 67042\r\naccept-ranges: bytes\r\ndate: Sat, 30 May 2026 17:52:45 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nage: 0\r\ncf-cache-status: HIT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4JmUZOMDvJB8Gv8w%2FkmGORcvxTWhr4elSVwz0Yf91o94jVtRJRKs6U3Z%2BQCpQEEg878CEIYodxFlr2QC6C2Qip68BMvXQSosZwX6z%2BPUGjk0qS0z2IRVOji7E%2BsUpmi1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681956af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67042,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1536x360, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9999fbda1640bc04333a1c692fdca703","sha1":"2dd57e4f9790223e0c0769fa757a9d4434987d03","sha256":"6207d22c2cedf2f41fbd633142eb0f0c0c691b0f6e22a92a6fac167000083902","sha512":"953a70a93a7186f5d1d6aaeedaa1f44fb5e1e66030070437c8a9629a120a48494e0fb26076564bde6d6a6f3a19813440c44b9e75be2ac4ca04fb1916cfcd5f32","ssdeep":"1536:NvHutQ7rIIv80S+ze8jXA/l6qHh9Vpt5WeC0EFu2GuwMlX2mhVn:FH8QYIEBoe87clR/pbW1Du2Gu5lX2mb","tlshash":"f46312d686195cfcafaa3e12754cb08522b20d2b1793af499dd354c2f8ef3005d8197d","first_seen":"2026-05-30T17:53:12.157797Z","last_seen":"2026-05-30T17:53:12.157797Z","times_seen":1,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T17:52:41.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 17:52:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-dns-prefetch-control: on\r\nlink: \u003chttps://kuwinsite.ink/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://kuwinsite.ink/wp-json/wp/v2/pages/9\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://kuwinsite.ink/\u003e; rel=shortlink\r\nvary: Accept-Encoding\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: cloudflare\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; HttpOnly; SameSite=None; Secure; Path=/; Domain=kuwinsite.ink; Expires=Sat, 30 May 2026 18:22:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GBDjl%2Bmuz0xZRQESUSLKSq5rzo5rxLPh0f87AgDx%2BGcTBtIRdcZl7iwOvq729%2BmvXHzVNTORa0x1TfXJy2E%2FQfvn7K25tBFYgzmxG3IMrIO%2FIHRuP%2FtxnXR0zJJ57G%2Bx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\ncontent-encoding: br\r\ncf-ray: a03f98159929783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":123170,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11390)","md5":"405d7bcb4df16e84f7546f70ce311479","sha1":"d0f92d83562c41eb672cc4d9c0ee0fa573011c77","sha256":"1f5b5abff4319ca39a53bdc6303bf23ad3816b34d43dbda9d9137fb79c3597bb","sha512":"368155746d68048404681d5b50a60e8faa4ac671d2c2811df8f41e439a21f4cbc4732c2eecfbed207a1362916f1a7cbb12894ec5d9f9985af6c4a10b6eb01fb0","ssdeep":"3072:nmqFAaSjjvX9cmWeZ+yRFM9wKQOOMBT8p2r:nDAaSjjvNweE8Yr","tlshash":"b8c31a33508a203f122bc9dce1647b5de2d7a20bce468a9176fc55f8cfd1e611a72a5c","first_seen":"2026-05-30T17:53:12.158834Z","last_seen":"2026-05-30T17:53:12.158834Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1067,"timings":{"blocked":54,"dns":31,"connect":1,"send":0,"wait":959,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/kuwin.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/kuwin.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/AnyConv.com__kuwin-2-1536x360.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/AnyConv.com__kuwin-2-1536x360.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular\u0026display=swap\u0026ver=3.9","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular\u0026display=swap\u0026ver=3.9 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 30 May 2026 17:52:46 GMT\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11170,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"261808772a38bee61a32aa80be774008","sha1":"7fef323fd8fdbb99eb6ebfd2678c73afc7e7e83b","sha256":"02277c4df3590949344a542c33081bb91aef4d64b4d68684d6679c8aa59eccf2","sha512":"e0a343fc046cfde2b059e823bb41566f1cf929b809bbc527fa2d9e33c613edd58802da4e2c4e5d8b601e1be2027ed32e34ed413671a8aa5a51bce84142f5002e","ssdeep":"192:2N9fmN9fN94N9fkN9/qbN9DbqGIwV4BN9nN9uwN9iN9fXN9uN9NN9fZN9/qqN9DK:89fM919W969yh9/qY4X9N9t949fd9k9E","tlshash":"a3321fa1041744009b838ce223cebf35fe1f52117142d0b5abfd9b6baddbca6526936d","first_seen":"2026-02-19T22:49:36.283016Z","last_seen":"2026-05-31T00:26:05.937253Z","times_seen":4317,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":142,"dns":0,"connect":29,"send":0,"wait":47,"receive":0,"ssl":122},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/26171eb9a9101001dc40c3599ab2c44b.js?ver=2c44b","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/litespeed/js/26171eb9a9101001dc40c3599ab2c44b.js?ver=2c44b HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"3a27-6a1b23e9-8ae99;br\"\r\nlast-modified: Sat, 30 May 2026 17:52:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4388\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ypEXYqCVCB%2BEC1v%2B8W%2Fjy7AXXWOz0CwLgpED5sQRzaOciB7UgW0g%2FwR3LncLq26OxqBbJuplqajJ0QWZghrg5%2F%2BoFWn8ojeZXlnk8SHca2RD8wIhSMqqivlgP8j834su\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681c56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14887,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (13464)","md5":"fbc93e722ea25342b7af79058155f827","sha1":"d256e82bb7f1b956684e6f0c87f998fecf90652e","sha256":"b692237ed6b670204fe4eb601ddc78fec3afef8cb34648c0ccea18ba28b1133a","sha512":"6a8971223f3831358031363b8bce0092520212714a3d9b425be109fbef7e51837d31383217b62131e5bd037e7af4d86c3155100ef569527b501c2ae3b8e7ef62","ssdeep":"384:71yd4Sk6FCT6IZ9bAstA3fVipSfUeGey4o+:70iSk2RIZ9MsmNqVU","tlshash":"3d62b644b2416772d3df60adc89b050ea9bbba186d05289c763bc9c98d74f0c70bfa75","first_seen":"2023-03-11T09:44:15Z","last_seen":"2026-05-31T01:11:58.888393Z","times_seen":2001,"resource_available":true,"data":null}},"time_used":778,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":778,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/uploads/2025/05/naptien.webp","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/naptien.webp HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/plugins/litespeed-cache/guest.vary.php","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"POST /wp-content/plugins/litespeed-cache/guest.vary.php HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nOrigin: https://kuwinsite.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nx-robots-tag: noindex\r\nx-litespeed-cache-control: no-cache\r\nset-cookie: _lscache_vary=guest_mode%3A1; expires=Mon, 01 Jun 2026 17:52:40 GMT; Max-Age=172800; path=/; secure; HttpOnly\r\ncontent-type: text/html; charset=UTF-8\r\nexpect-ct: max-age=86400, enforce\r\nvary: Accept-Encoding\r\nx-xss-protection: 1; mode=block\r\ndate: Sat, 30 May 2026 17:52:44 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncf-cache-status: DYNAMIC\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S3OAl68B%2BHlcOq5VO7Y%2Bk%2B7z9aHkkLmfPFIVAVsCoQ4kyBkJtXcmTXa4HrqMqJejJ9V71j%2Bi3tI3TvPdPblzOqUEEbfC8dDvZhHbJiX6Yw5SNcOngLfsx8xYQtpk%2FjNS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a03f98241f055ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"e2bb2c7e02e214822b4ffffc314ca27e","sha1":"2d193e2847595361f1b0ce151dfd28c2f855c510","sha256":"76fb65f605df2b2d124684c3c4ec3e0c75fdf013b2727af6cdb68b73b5c8a9bb","sha512":"acd30fcff40e16a4a59148b85a496dad9946906d3e1c998d9b6fbfc8f8474a828489e9f129eb20f3c3588b3fc55cb3f146c1c457a2f4d51d2dc115ef88d044f8","ssdeep":"","tlshash":"92600000220c820202200880b080000000800822888a80e08000000080008800002a22","first_seen":"2023-04-05T13:39:14Z","last_seen":"2026-05-31T01:47:05.238237Z","times_seen":12189,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kuwinsite.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29392\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 24 May 2026 10:06:40 GMT\r\nexpires: Mon, 24 May 2027 10:06:40 GMT\r\ncache-control: public, max-age=31536000\r\nage: 546368\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29392,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29392, version 1.0","md5":"a6323dda0842401b2923554d0ed8945f","sha1":"6a5e89b2f9b47f5a2fb11831479c02b4eebe3089","sha256":"cedb374b05a35034cf96db185db4eeb8f8ce49e1a56197673702ff11b5533d6e","sha512":"6fe8df13c6dbc738b1cfd40c14bda19dca6114b3a4f521ff46fa7ebe25f6ce11046b7d41c1a8528d2294afea5a1c985ff43db37a2de028c1fb61b7197210dac1","ssdeep":"384:Wz9Te6aaq6lpCaascbVjmWd8NifWrHJi9grlYlMl1EfUxFvskjZAFWiMhv4K6Nb2:u9jN2bVjmWQFqgskSWiVK6NbKd","tlshash":"65d2f15cb579c636a098e4b70df5e3bf9599cb39224b9b288341c0385aa3941e442b97","first_seen":"2026-02-19T22:46:38.271285Z","last_seen":"2026-05-31T01:10:15.560115Z","times_seen":9223,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":258,"dns":0,"connect":29,"send":0,"wait":15,"receive":3,"ssl":231},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3OUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:48.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3OUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kuwinsite.ink\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14340\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 24 May 2026 10:09:08 GMT\r\nexpires: Mon, 24 May 2027 10:09:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 546220\r\nlast-modified: Wed, 18 Feb 2026 19:51:46 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14340,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14340, version 1.0","md5":"3860f0d8108ecb52fb8d95248475c0f7","sha1":"ea12964a22c83d28a3afb1c29ad45ee75e7e2d52","sha256":"0b60bbe04e9c479444b31270a72179f53e400beee57b7dd176c08e5e2e716831","sha512":"51efa4c2f86eed9958227d7a87fb08eb795cd478e4889e63cf40ebcc1f199990fdaf79b64310d4698f1459eb913965b399833a9bac7b62fac78eefe9a3711703","ssdeep":"384:4V1aTNugYTIPM493neccqcvNCfsM+Qzvimq:4V1aT1+IP3nGOfsMwf","tlshash":"5852d0b6a2acc754f41af5b4b180abb8048b2302c591f1e95b18dc795a53534cfbcb46","first_seen":"2026-02-20T00:45:13.010169Z","last_seen":"2026-05-31T01:10:15.573354Z","times_seen":2743,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":225,"dns":8,"connect":16,"send":0,"wait":15,"receive":2,"ssl":199},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8e60d746741250b4dd4e","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=8e60d746741250b4dd4e HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.19.6","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:44.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.19.6 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T02:03:26.884669Z","times_seen":15939197,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuwinsite.ink/wp-content/litespeed/js/9a003ffac4b22ed497976e45c55b3d37.js?ver=b3d37","fqdn":"kuwinsite.ink","domain":"kuwinsite.ink","tld":"ink"},"ip":{"addr":"104.21.81.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuwinsite.ink/","date":"2026-05-30T17:52:45.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuwinsite.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 15:07:57 GMT","end":"Wed, 22 Jul 2026 16:05:06 GMT"},"fingerprint":{"sha1":"B1:50:9E:31:51:D0:FD:D7:D9:95:64:D1:B1:91:95:C7:DB:1D:F6:68","sha256":"2C:FF:C9:85:DD:FD:7D:30:DC:BB:5D:2E:94:97:66:A5:A6:64:F8:18:FA:A6:52:DA:A2:8F:56:CF:5D:4C:D7:A2"}}},"request":{"raw":"GET /wp-content/litespeed/js/9a003ffac4b22ed497976e45c55b3d37.js?ver=b3d37 HTTP/1.1\r\nHost: kuwinsite.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kuwinsite.ink/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=eU8VJP0gV_I21UCB1Xea.GGHr2Iv_FEMvWci4dV20rk-1780163561.8537207-1.0.1.1-09Q9N.lxqTRFe18F8jzj2xKSxXuj6MVb6wiit5zZdQr9W5TBLInjB7kBkNqsXLCYPJQAtoucz2wiG7W413KBjnwJeeC1P.V8BAWzlBlRVipZ56VeeyMnSsgFLY8_fbjE; _lscache_vary=4d2273918b37843dcf551dd8bcec5aba\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"ce7c-6a1b23e9-8ae9b;br\"\r\nlast-modified: Sat, 30 May 2026 17:52:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 15905\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 17:52:46 GMT\r\nserver: cloudflare\r\npermissions-policy: camera=(), microphone=(), geolocation=(), usb=(), payment=()\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xXCYa4SEdHnhqLX3KB5G%2BTYEh7%2FVC8BFp8Lbt3%2FQKEwxoK4Ukg5pAMIvuo%2ButRjvZoQCzgCorO15%2Bm8AuRqCnU%2FqB5RSqo%2BmkVsN%2B19gOSgSTUbrmoo0EVy0gkjnApqk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: a03f982e681e56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52860,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52858)","md5":"6f6da96b0001a649f60dabe22852c2c1","sha1":"ed75c7bc3226c7f570c32198b90cf07bdc06a736","sha256":"cd9ad12ad36db8b0b3c170efbf3883ef728e7657b5656aab7840f51d17a789e8","sha512":"8cb3decad72ebb78949e88b8f165e3037b500ad9e7bff92c8bfc7de25c8299caab3a4f03dfd4950b9397687980df9a86215d5f64ab3b6556b1ab73dea40967af","ssdeep":"1536:IfDJqH5NQ8kNSqcp1U8EtmoYrNqK7kSBed3ZRO:MoxjUvkesedC","tlshash":"8233e728729070fd01ff61a7f13fa32432376565b0064054b53d98fa2d6ad5e26a3fba","first_seen":"2024-09-09T22:27:19Z","last_seen":"2026-05-30T17:53:12.161392Z","times_seen":372,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"kuwinsite.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}