{"report_id":"1b37cee6-c6dd-4658-8931-c348cb102747","version":0,"status":"done","tags":[],"date":"2026-07-03T19:19:27Z","url":{"schema":"https","addr":"defi-kong.org","fqdn":"defi-kong.org","domain":"defi-kong.org","tld":"org"},"ip":{"addr":"172.67.162.104","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"defi-kong.net/","fqdn":"defi-kong.net","domain":"defi-kong.net","tld":"net"},"title":"DeFi Kong � Connect Wallet","dom":{"size":8995,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"7d7ea01671abef1e18c3db969864cbf4","sha1":"755ab9ff312da6a0a9471731692f900c7eb23d75","sha256":"acbec94cb1a0cb9ad7cf343a684904af59f90ac501773e5046e2c6d001c017a7","sha512":"aa66fb1821c58a6247bd78a5580de1f0868bb104194948f51a615e8c7aac40dca62948357fce9b87a7131b916e38f21c8420127da333c6151adf156a0b65a85c","ssdeep":"192:BrMhMD3o64hvu1Bpf8EguR79m1FbN/akbGxph:Br2embK","tlshash":"7f02524aa7f71322657791a527e747a673a1d103c40ec9783fed53a88f86a81ac9334c","dom_hash":"domhash0f47d6b1fe2bbdaa365b37101c138514","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"defi-kong.org","fqdn":"defi-kong.org","domain":"defi-kong.org","tld":"org"},"ip":{"addr":"172.67.162.104","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-07T19:19:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"defi-kong.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"defi-kong.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"defi-kong.org","ip":{"addr":"172.67.162.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-07-03","domain_rank":0,"first_seen":"2026-07-03T19:19:27.6584Z","last_seen":"2026-07-03T19:19:27.6584Z","alert_count":1,"request_count":1,"received_data":515,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"defi-kong.net","ip":{"addr":"104.21.75.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-07-03","domain_rank":0,"first_seen":"2026-07-03T19:19:27.655988Z","last_seen":"2026-07-03T19:19:27.655988Z","alert_count":2,"request_count":2,"received_data":10587,"sent_data":984,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"defi-kong.net/","fqdn":"defi-kong.net","domain":"defi-kong.net","tld":"net"},"ip":{"addr":"104.21.75.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"79a0c816c0be391237969dd548a1b989","sha1":"3ff12269ce978911f8aa92b1d77394737f24527a","sha256":"6dfa982204fd807228990c6712810129356cda9e1a3d40386216590293130396","sha512":"fa84b25787fa09a9c2fdf8c64464045cf6f5f279a9c709b6fed60d1f10dd53497c3adbce62712ef9d01031eaa013953f6927c4898a87989ee86135c36168a6d6","ssdeep":"","tlshash":"0f318c5936b9333141bf666663df62a9723090432608ce643f9cc2564fb1ba18da3a98","size":1782,"data":"","first_seen":"2026-07-03T19:19:31.240073Z","last_seen":"2026-07-03T19:19:31.240073Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"defi-kong.org/","fqdn":"defi-kong.org","domain":"defi-kong.org","tld":"org"},"ip":{"addr":"172.67.162.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T19:19:03.354Z","timestamp":1783106343354,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi-kong.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Jul 2026 01:50:09 GMT","end":"Thu, 01 Oct 2026 02:47:30 GMT"},"fingerprint":{"sha1":"24:BD:CF:62:17:4B:CD:2D:FC:86:A1:1B:C7:82:DC:C0:A6:0D:DC:AE","sha256":"A5:68:FF:C1:F1:66:B9:46:D6:67:11:CF:C6:19:B1:70:1A:1E:3B:40:11:59:DC:A0:55:04:FE:54:DF:F3:B7:0D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: defi-kong.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 \r\ndate: Fri, 03 Jul 2026 19:19:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://defi-kong.net/\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TMGr%2B4um5eHBppkUW8LdIJbM3xPPx8rkz%2BGSmT9na5how3UETj8%2FsXUW11J0YOnU4ORBYhr5ApRqxkbKLmJUuVJOu%2FXzZ2hE6FWzX4UVGSgMvrnwtdYDsueJPI5r0puL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: a1583d56ddb35ebd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-04T05:30:48.580444Z","times_seen":16964640,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":68,"connect":1,"send":0,"wait":3,"receive":-1,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"defi-kong.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defi-kong.net/","fqdn":"defi-kong.net","domain":"defi-kong.net","tld":"net"},"ip":{"addr":"104.21.75.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T19:19:03.531Z","timestamp":1783106343531,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi-kong.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Jul 2026 01:46:33 GMT","end":"Thu, 01 Oct 2026 02:42:37 GMT"},"fingerprint":{"sha1":"38:B2:CE:62:0C:35:03:01:63:8D:6F:53:A0:0D:A6:A8:4B:B2:77:26","sha256":"4A:0B:3F:12:7E:6E:A9:83:29:36:F5:3F:64:3F:1D:5D:9B:EC:0A:D3:AE:D1:C7:64:2F:3B:08:DD:3B:3B:B1:00"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: defi-kong.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 19:19:03 GMT\r\nserver: cloudflare\r\nlast-modified: Fri, 03 Jul 2026 15:04:55 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WS6XEv9SjZ9Mq7%2BwJjYTUwFbbh%2FJHJ2qRXKrfRaN7OREwtvL5woq8jlhOE0RellE%2Bs4XeuP2%2BzEghXswGke8TdsLB%2Fia%2BOsOJ1nY%2FlkMN2mcorS4A5Ft5Q6EvWaMrShK\"}]}\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a1583d573fb5783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9017,"size_decoded":3374,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"17049e6e62d372662a636f040723ea6f","sha1":"bf3d7f0a9027aa53d1be8c57e5f61f6c068340eb","sha256":"7ca3330d473b2ae96cd2d4d50bcd0031fde5bbc95953152336847ca3a54f6296","sha512":"924dc84aec6db789fd7ad123d889728fcb22d25c546787bf1fc9bb84a2fab54141b265a50a11cd3720a60a6555c518a2c36d84fe15e6eb06c8f8c8d2c7175f5d","ssdeep":"192:vrMhMD3o64hvu1Bpf8EguR79m1FbN/+okbGxpdD:vr2eZbS","tlshash":"4312534aa7f71322657791a527e747a633a1c103c40ecd783fed53a88f86a81ac9334c","first_seen":"2026-07-03T19:19:31.237017Z","last_seen":"2026-07-03T19:19:31.237017Z","times_seen":1,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":10,"connect":17,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"defi-kong.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defi-kong.net/favicon.ico","fqdn":"defi-kong.net","domain":"defi-kong.net","tld":"net"},"ip":{"addr":"104.21.75.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://defi-kong.net/","date":"2026-07-03T19:19:03.994Z","timestamp":1783106343994,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi-kong.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Jul 2026 01:46:33 GMT","end":"Thu, 01 Oct 2026 02:42:37 GMT"},"fingerprint":{"sha1":"38:B2:CE:62:0C:35:03:01:63:8D:6F:53:A0:0D:A6:A8:4B:B2:77:26","sha256":"4A:0B:3F:12:7E:6E:A9:83:29:36:F5:3F:64:3F:1D:5D:9B:EC:0A:D3:AE:D1:C7:64:2F:3B:08:DD:3B:3B:B1:00"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: defi-kong.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://defi-kong.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ndate: Fri, 03 Jul 2026 19:19:04 GMT\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bHIqGSczgAaZidfLIBjCEyVdXZEI54ytRlDE7q%2BOQbQH63FtlCZu69QKHuDn62XMLm9yyF92bmeoDMS1tSUV7DvEPbVg1NV905WReHaEPDWf2vB58eNOH723lUqVWeYh\"}]}\r\ncontent-type: text/html; charset=iso-8859-1\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\ncf-ray: a1583d59f819783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":315,"size_decoded":872,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"bdbfe9ed32c4dd3933807389d6308aea","sha1":"06afbfee4cd20ffad2b317f82314bfd8fb615662","sha256":"224eeafa32e946cdd38f18b936a74bf7c1f6bca5a7b48dc90e48de9f98fe51bc","sha512":"daefe1286c5f4ce0c0b0d8837fbd5f455b8801f4e8db5d9822e9bb89b37fc05e8c94ae6e80b78920880df271332630dc900a01701079f448debb38ed6bc730f5","ssdeep":"","tlshash":"37e07daf4052d38a455169503dd427c27a4d93eb746683e829c1c447514897ed8a65c9","first_seen":"2026-07-03T19:19:31.238597Z","last_seen":"2026-07-03T19:19:31.238597Z","times_seen":1,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"defi-kong.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}
