{"report_id":"22374ceb-e8a9-42e5-9bce-68640eed6355","version":0,"status":"done","tags":[],"date":"2026-06-24T12:53:22Z","url":{"schema":"https","addr":"www.kuofax.com/","fqdn":"www.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"69.67.173.34","port":0,"asn":30295,"as":"2ICSYSTEMSINC","country":"Canada","country_code":"CA"},"final":{"url":{"schema":"https","addr":"play.kuofax.com/","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"title":"Kuofax: Most Popular Online Crypto Casino Based on Blockchain","dom":{"size":1071642,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (60588)","md5":"58aa9b3f3b43e4aafff3fbe8a2d0194d","sha1":"44e550875ae332d142458f206d8921375dbd4bc2","sha256":"c2e68b2cc7d8adc0d4d8b05b5890b0ee52645339cd5fb96cec577b97245fbc29","sha512":"7e70e4b18c1846f7dbe49be2519fff59cce2c7fef1651d795c3a57bfb04f27e1ba1a111af47659f5c7e9888cbf3df7f7d8cb23e7452bd7e8676247e859226837","ssdeep":"12288:BWJ24cvYrexWJ24cvYFSN87vIomx0wgH+vVKSN87vIomx0wgH+vVx6:Q/cEeg/c7NgvIh/VvNgvIh/Vx6","tlshash":"2635cfb963580af4f34997ded961786832fa34ffbff18048d2166e8601a999d4d0c8d3","dom_hash":"domhash256027d961fb4f4d3674dc7184901c72","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"www.kuofax.com/","fqdn":"www.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"69.67.173.34","port":0,"asn":30295,"as":"2ICSYSTEMSINC","country":"Canada","country_code":"CA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-29T12:53:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":8}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"www.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"www.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"www.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"www.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"play.kuofax.com","ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-08","domain_rank":0,"first_seen":"2026-06-24T12:24:13.554926Z","last_seen":"2026-06-24T12:24:13.554926Z","alert_count":272,"request_count":68,"received_data":21292170,"sent_data":50972,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.kuofax.com","ip":{"addr":"69.67.173.34","port":443,"asn":30295,"as":"2ICSYSTEMSINC","country":"Canada","country_code":"CA"},"domain_registered":"2026-06-08","domain_rank":0,"first_seen":"2026-06-24T12:24:13.569013Z","last_seen":"2026-06-24T12:24:13.569013Z","alert_count":4,"request_count":1,"received_data":226,"sent_data":483,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/direct-router.bundle.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f589e6e05857a1cf881cfc2a05ef7e9a","sha1":"8d8a58344a1e44416eea1555fcd2f024cd664087","sha256":"6c15c81fe6c86f71b4504b7437ba52be08619e4d694cd27c7e9b601344ef109d","sha512":"7c02b9b887c6c34948f9da8aba844a3001090f0fd2b4bcc3bf0c09ca47d585c36badeb264a193e9ed021f11ffbcc016977e11ff772841433e714f643523f2d1a","ssdeep":"3072:vqSp7BygEFCXqLkT5vd5XnTWhNIhdmkIxWjlP3/1JqobepmMGWR042:vqSp7BZaiv/ukIxWjlP3/AmMGw6","tlshash":"6b241aa93a95f1226ab3027310df5803733d352b280d4d61a511ede9b4b845eb17bfaf","size":220065,"data":"","first_seen":"2026-06-24T12:06:23.502088Z","last_seen":"2026-06-24T20:46:08.213669Z","times_seen":318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3121-84e2be85f77396fc.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b869f389beaf6b6ee305c2aba742110","sha1":"616f5957c5c11da916d8ffedf458597b7612b071","sha256":"ff0cef3d5e2eb5fd8fc70bd3af62141c28494e8218ca265cf9a5e5928df7818c","sha512":"9ddf70d0dd79a02c44d6a335d5170723a18ae5b4981c674756d69075f92eec44f398da73f2145878630de71aafa77e6da60cdb26bd138667b448dee4d3b1582f","ssdeep":"6144:A+AiF7KKW6WUSoMtIn9Ghv37xQnp87m0Sw/KKSUSOYYMCI:lY9C","tlshash":"eb242b497290b2e817e762a9547b282ef22f7d3cd222691477d4c87c3349dc8913af9d","size":224282,"data":"","first_seen":"2026-05-16T23:25:48.532058Z","last_seen":"2026-06-24T22:07:01.153469Z","times_seen":2543,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3585-1a2341a418cc0f3b.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d66e895831146a3fcda6c0de48e66fbb","sha1":"ed6c9b6bc6805e7a74c90c2f70040a22a7c0f9e3","sha256":"ea60fb56fced9d92b0247021093d020a5438a67c1084d715a587c598278a804a","sha512":"6204b75617d69a9c649c089283b8fff6285c43d78b07045799a230225ffec878299a45b73c0b05a85a83ca19874e7de30333065e46c981d3720790649ce965c2","ssdeep":"6144:f9gGcm/FTmn65dg2/s70cs6eWBsY6EHNfm5Dlf3+FFS:XhWwKNI","tlshash":"3b845b98725060e8a28762b9552f154db33f2578e02ccd14e39ac87c7295ccce63bfda","size":376596,"data":"","first_seen":"2026-05-16T23:25:48.549118Z","last_seen":"2026-06-24T22:07:01.097978Z","times_seen":2543,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9883-c825881b2c3b0fc9.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcc8e6423662c12c5682af8dfa62a5a8","sha1":"b892e8086c047484a6e09910e1f5856e5f607bf2","sha256":"fae79308e4825e4d0f92e72cc85189405fb0c80569638bdc473eb7743bc4d4b3","sha512":"c48d27ef493b6d93cca9320dd5602a5de168d7deb5ea80dddde2daddf2b75293f15df2de435a834ad87802ad9497e8bd92c4763018a76ac0e6c897bd15689d90","ssdeep":"6144:TDWV4xt0J6T+WqV7OF8JpCXy/ABCf5iwEVQt3byQvUfV:Tr","tlshash":"6e94a829494416622b6323cd268bd80fd08af2658246c9b9f7964e7d21cfdc4e13bfdd","size":437773,"data":"","first_seen":"2026-04-13T13:34:34.692397Z","last_seen":"2026-06-24T22:07:01.116558Z","times_seen":2602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/8824-ddffb509a90576a1.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88138b1397ee14b04ead267aa44c4196","sha1":"760b927bacdf81d73a0f2084bfb3ce7a76478e63","sha256":"a2d07d31470b51490786beb8167c7fafeae5a0236cb44537c4dc8857b3c448ce","sha512":"9841fadaed80aabc013a0fdccff0b1356d14a06a2952bfc883dabd299aa5fd9a4369b504e8ac7d28f47c27573be3bb4b94b08d389d3836697c2334185931304e","ssdeep":"12288:3fB+XoxJuhu/v7uV3rIPE8zGglvb9hsm8sMQMNIYsUKwJAsTF4Xylyz+hYsUUIJM:vGgthhsnR0yF4XylryF4Xyl+","tlshash":"94a4be69da7112fdef516ac0ca177015dfe6a6936fc789e8caf6ac040bb05ce4301e91","size":492118,"data":"","first_seen":"2026-04-13T13:34:34.606306Z","last_seen":"2026-06-24T22:07:01.116022Z","times_seen":2603,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/4310-53eb2d994601d39d.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1cf0afc09bb69320084b8de536c82c15","sha1":"b366ac3a2df29aa97110376475fc08e2b310e168","sha256":"5f6628bec7be06e9879a734589c7ccc242657acecd391f739a86d88f2597b1ee","sha512":"cb32c35ceec0ed7c3b0cbb53eef1a7754053eb228fbc9c1aff2abc56eff7aeccbac081b3fa583f2ebf3ba836f3ea808e269b380636f9fb04b3c887f425900bc3","ssdeep":"3072:PSHoE3ssKaFRWxTDF0+uoWTr/9CPxZi2rbG/r0mJo46W6E9bVWqnEbvY:wb","tlshash":"b734370cd7bdf3f51eec389e36490c3bd5a9763093a5426688d0b7eb5485cf400aa79a","size":241643,"data":"","first_seen":"2026-04-13T13:34:34.704197Z","last_seen":"2026-06-24T22:07:01.119951Z","times_seen":2602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9796-477f833bec802edf.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3cd700563cd8e58c974d39b5117025a1","sha1":"8adb06045734081c226292a64b902365df367e22","sha256":"92c3493cdd4b2f4c088fc3c1aad125fee7a6efff6470de708bb5363e2c2b9e48","sha512":"89bd514505d7f05dc1d6d9124541bcc8aa98cb80bb21ecbf2ce07e05c4f9767ed6ff1f2ce6a99f5a994cdc9801fa416e5d37ef0bc5c046b18d4eb13df3a033db","ssdeep":"6144:cX68qDg+HzhjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcVQoDMEFilOHIUJW3bXlB/C1:VjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcJ","tlshash":"eb44101c8f7242edbb187c80ce4770698be586466fc784d8eafb5d244ba05ce5342f66","size":261678,"data":"","first_seen":"2026-04-13T13:34:34.615711Z","last_seen":"2026-06-24T22:07:01.112619Z","times_seen":2602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/19-5bece4aba82fb776.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"499ae782218e46ba0165104a99a4ba64","sha1":"dd6335c8003db8dc40f3b6e5fd9ec389bd5679a4","sha256":"7930fcc2462bd18b8f3559392d9d610cb2a4cf2aad270fc533012c2fa8560ab7","sha512":"71885acc13827a064e0430afe760dadfaf8afacce9f7dabc324d265d126140a62d9baac56cb09e1725cfedc955eba79c0828bd9891ee524aa7d19448c1557aee","ssdeep":"12288:EW2sqZNSN87vIomx0wgH+vVWQo7AN3zoMaaql++gWuWUC4Qj8zINa8DPeo7B53zW:9NgvIh/VSUVPyzLW3fxz","tlshash":"02159459ca6602fd7f586c81ca4770698ed282136fd78afcdaba7e1447b0adf0301e51","size":936675,"data":"","first_seen":"2026-04-13T13:34:34.636004Z","last_seen":"2026-06-24T22:07:01.098698Z","times_seen":2602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9689-39df663debcc7932.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"95575815245fac0dd0f1a088b5673378","sha1":"b5fc9a98ebaac4eac518520eb74304a19af4c4b4","sha256":"2b609ad50f89d9da15d3da8423cab5a459bb395d18125b50ac3646d7a4a7bb24","sha512":"cce3d8d652ccceb67e5c4091294a2c837b597c36be10c62be39c860fd5418c6da27b20da4e2067ec964c7a0bb667cf3a577a7b3bdfbf5e4c013be7f66a24ee7f","ssdeep":"24576:7tPaAKapUMi69Q86f4lJay+AdFYR/QNnBKM7x5AKGE5X4iOJ:u7KwNhQx6IIiOJ","tlshash":"b665e039b224247946944086c05f290aaf72541f29c5c4ecb678fcdb5ebdece237ab74","size":1462413,"data":"","first_seen":"2026-04-13T13:34:34.700386Z","last_seen":"2026-06-24T22:07:01.165718Z","times_seen":2596,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/2366-925fc85d237b17af.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7911660cff2a47fdbc9415ace2e3188","sha1":"3ab908a0337f5ba043a079b563d3c584521ece41","sha256":"4a2741bde36436647e2ae672eb2ef1262c83541e3d13784b48cb37b165bddd8d","sha512":"e21a40e23085dd405ca6c8473453fabc4c7df8999a472fad7a94a4f26856b2d5ebbfcae375412db956a96f92cf7f630b5804e5090ac19f22eb4b7a1022c96b3b","ssdeep":"","tlshash":"54f09e9920057c387abb4c02096e8c2a287c3572be091581e707c5a0009faf85170e9a","size":467,"data":"","first_seen":"2026-04-13T13:34:34.684954Z","last_seen":"2026-06-24T22:07:01.111503Z","times_seen":2603,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3083-d0071871f85c1c39.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e8736497d50701fd7e98b6af046968f","sha1":"dbfea11666fbb04bc71187a259b4318e935577c3","sha256":"f2bf0ce31e01e02feea9a6dba28d4318ce7e060806dc0c8e3a312b86a47bf163","sha512":"27ca329911a680c2a0654f53c3acb9846e41afbe86166bc73ee90c4f71aaea53c07bd3c3fe30a058e58154e9ab721f0238fcb7d087b6cae9a0313a6cabcd3aba","ssdeep":"1536:9wnbMGYAkPeRRJ0u4fU5g1+GoDJy+N0jPkV/KtXcUN3tadBZx4fH+dMxteMSVgvM:9wnbvvg1+lhN0wBDMxOig","tlshash":"84d3961600c827b52b677b25265acc0eb61bf23dc7429924b694c43b168edd461bffec","size":140858,"data":"","first_seen":"2026-04-13T13:34:34.639501Z","last_seen":"2026-06-24T22:07:01.125122Z","times_seen":2601,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/5358-6b6066a7c5be067e.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9156598b1de03a5170a70624dfc8177b","sha1":"b3492044b8717c0f42193be8f4e8f28a82e1350a","sha256":"a766f5b00eece4fff39e14883d3fd3b1d296272714633a36d9fceb8216d72c68","sha512":"766eb2ab0245999d24dcaa587fafe34ee2312c4d10e89f6f13f8cc4269bd1af69ad6e7332d59a1b2c509a2646875092e7403a98036288c030cbcd41ec7290a61","ssdeep":"12288:xHJlmOl48cdPyBOpIwGAWA7k3ghrhanjqv:JmOl480yBOpJBhrhan2v","tlshash":"7225190ea7d473b41bda3149364e4d3fe25cb638c352d016a5d6ea7d228cce4613bb98","size":962608,"data":"","first_seen":"2026-06-19T17:10:47.222323Z","last_seen":"2026-06-24T22:09:23.541492Z","times_seen":1122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/7262-260eb856ec86ab3e.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc5c946ea01e852079c01158915eb9ea","sha1":"5133bd0de532b10449bb08521a92ca6a1887b7eb","sha256":"4a07fe3714db1466ba3968c1de34671f62ca3d5a3e9a01c12fecbdf73f2361d7","sha512":"18a65b639abe772a19c8332cf3709c4e0213353430e032b2cd550e739db2467dfd24ad1fcb4a4ea3675c81f34215a5ffc0ffb658dbf80ff70c2382171199b96a","ssdeep":"1536:nopcljgCIsBEzrJ8i7e85k7yRck5L8Nwxg98:nWuUCIsizui7e5mckJuwxu8","tlshash":"d3730a953180f5ed17e381aac42f644ee32f5c2ce51a766463e4c9ac725d8c8e137bac","size":77603,"data":"","first_seen":"2026-04-13T13:34:34.62862Z","last_seen":"2026-06-24T22:07:01.117041Z","times_seen":2602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9338-742398fd846a71c9.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"35949001400b87164feee5e87bb4d21b","sha1":"5fca2da66ae0589889299bbfa3d213e5e04c9709","sha256":"16ed0b2c2e53f93201db0a8b5787453855e66151890115a58c93605771ee912d","sha512":"b7873b0ad7fc8671962347515c0f6555a6cf4b524b3da006d4dfd697db93634a65337b5d24c1802baf802dde2fe3e8bdb81254baf08f4f7f44f3c5355e62bd4f","ssdeep":"12288:ypzOZxRLLD3iWRSM9LAlsr1TxmBY3gM1+7Yj+fjxl:ypSZxRPFgl","tlshash":"fc35a35a408827922bb37695269bdc0fa01ef52cc743c464b791c57e26cd9c8a27bfdc","size":1139216,"data":"","first_seen":"2026-04-13T13:34:34.708599Z","last_seen":"2026-06-24T22:07:01.156427Z","times_seen":2599,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/4212-38fe49b6236c7c6b.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1ee028598eb24e7427f83baa42198b2","sha1":"29ecf0ab8deb78392a4121a31e2fb63c764ce99e","sha256":"108693690d6f21f1942f276dc1e12eef8524ccb9678e1faeda902063ab3b2f0b","sha512":"71bd29cc66d0adb5ad11cba3d95baa883771712afef080e8b1f7a9c107dd9beb2404a2c43dd616aaf717ba69cfd4786e0c801ff3d88b6d201b8156124535fbd3","ssdeep":"3072:IxvuXFqhT8pi01EOUIMdda2zZ9GFOTASOeBTny//G:qvmFqh7MEOUVL1TASOeBT8e","tlshash":"ccb33b9972d0fd9d3bf3946a8c1fa40ee2795c2ed42d710462d9c83c72599c8e136bb4","size":114414,"data":"","first_seen":"2026-04-13T13:34:34.631899Z","last_seen":"2026-06-24T22:07:01.107454Z","times_seen":2602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/8648-b9a24ba9b5bc0c95.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"64ac18239b88412b51396962f715bfaf","sha1":"6f1c3b2e5221f7fd0a33a21b71b0da115104ac2b","sha256":"4de421b3cf3dc153ea613007e6284e3e83ee7138bd9c660d7f1388ffd21951c6","sha512":"ce61e11a8c1c7a344093f0ecee44b223822dd41971f92d0e898f27dca45d5fb4a5d59c999ffd9d17978608b49810df9f3a634021abff011d15446adda073b139","ssdeep":"1536:Trle2nu/m82CFnMxwZCLVfvDzQjpY69xAq3CDQJUO9fEVJoZ1NbpGGVitgmdAYb6:TYUH821Ni95SQJxfwURk5bseKbsK","tlshash":"1ee3e889f191f2fca6a224a9412f444ef22e3f4ce5255410e6f8dc083a586d9bb37fd5","size":144939,"data":"","first_seen":"2026-06-24T12:24:23.424927Z","last_seen":"2026-06-24T12:53:43.348908Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/5669-ed334c2dbb466446.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6438c3dec7c2f8d1a4393aac0a9f590","sha1":"931f6f0648b68a394c0558fbb95934a059b7756e","sha256":"435b360ed59df86f97765d5fb68e6fa87486367009d059ebb558ef68a88bea43","sha512":"d78d1e4cb985aa6e6402fc821f4abd3f7d4db574d6d5e328c6eedccd61816ae5138844a368dfd471fcd1ee62877d851efebdbc1c9c93d3dc664bdc7d90de3258","ssdeep":"12288:+3PyxSJSN87vIomx0wgH+vVUqmAStvp1H/llr9dhLR5EdNbE3aYAiLQDEmAx//pd:jNgvIh/VKdVPyzLW3fxp","tlshash":"2455521ccf9201bdae58adc1ca4770254fe286531fd789ed96bb7e204bb1a9f4301e61","size":1370944,"data":"","first_seen":"2026-04-13T13:34:34.695086Z","last_seen":"2026-06-24T22:07:01.168213Z","times_seen":2599,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/5709-ea7a4340808316a5.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"86062450ad0d41acfde933cd4f31953a","sha1":"98896280abf82e8d70f2741c3bf515ee52f3ed6f","sha256":"3cb93241a78f6343802542c1727fb0a279298acc8f51e60a02cb392edde1a38b","sha512":"0665d5a1dccbf6ba1d6228806d8d71fadfc66ce0eee617eb20d1849de6b54b0373632e91bc6f6479e2e81d881ef965b481ee712fe221a4e14ad2fabf935b079f","ssdeep":"6144:7nRjnRVLWQuV/er6qcEhJMQslkFN0bbLTYGifRh3Y:TuY3ZslkFN0vLTYGi56","tlshash":"b165278c67b5a3fcf505b3f8892b58747e6a38fabb51c438c3e98d14e1510ac89658d3","size":1454652,"data":"","first_seen":"2026-06-06T12:20:43.204834Z","last_seen":"2026-06-24T22:09:23.569924Z","times_seen":2470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3715-1862ad9008505962.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2927eacb55a6224ec8cd6caca3db99c2","sha1":"a2bad0fd2d18b815ca48407464d6402918345813","sha256":"08f764ea42a0be91df8df5d26c417926f70a6721d2ec38264a3a28f13a98f974","sha512":"a5763ae91e2fbd84c6843f454a37179ae3083d4288200cd9570e88eaf655d5e1dfacbfaa5feecc671ab867d991612ca4464fcbea23a406e706e19799d9245a69","ssdeep":"1536:G8iMZeCMcsspNYlpAsz1jzsRr3KTArL7ml1C+Rmsqq99WsA:JiQensTQmYBLe","tlshash":"6683c764f1e0f6d4e1575399c92f460df12f2eacea25782cb3f5d818b7044d8622eba4","size":81522,"data":"","first_seen":"2026-05-16T23:25:48.524516Z","last_seen":"2026-06-24T22:07:01.123822Z","times_seen":2542,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/6544-b0711005848a5ae1.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"39a5893ca0e9dde921d815faef0cca25","sha1":"bf860904497bd9c873fbc6c44eff66b61d990a44","sha256":"69a245030c2015ad280eedf3d0e5c896f8672d6803277ee2b15aa20e24595450","sha512":"439a73175b07db2985b9bc16ca9a6b5a029a041d3285e4c6c6e74e3749a85c41cd2db6a0999dd0aad865f389558e77a38bd1e42f36a27d3ee02a6731b9cbfc8b","ssdeep":"3072:LxF1G4zn2Qbx7Lg5H+vCWpduOhWr8BqUH9d8YFdNWRmfewJTLiAezha1h5L2iQfS:hO459yOCd8/qGwUM3qMz74SIxTrt","tlshash":"3a15321cc778b7b12fed398936490c3fd66db570d7a202566994b3fb1088ce0506abda","size":932011,"data":"","first_seen":"2026-04-13T13:34:34.701686Z","last_seen":"2026-06-24T22:07:01.099373Z","times_seen":2601,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3980-010af18f0f321f6b.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ebe2885d4d5b7870215ed1d746ae08f","sha1":"ececc6607c16410aa62783cea6de95557893c3ca","sha256":"68eea241c058d3a7c5cd5eb609397e4d833059221ade7f5154e9f68da97ef40f","sha512":"a14e01fe32f03659c957c6d5c9d01cc20c71308424cf842a7d178aa207358e270a9f531acc7d37e285a34fabd655ad88256cd82143dc1828eda771bc46bdbc91","ssdeep":"12288:9Fw3/38CUqBZw5AcYk0G2KVLCfEQ4HAIrBM6k18xyBByFt:uB7KFrR2BBU","tlshash":"3cb4c60ff3e4bbad26b57666be0f537ab31c2cb9d714e81496a9f0152344ca86135bc0","size":514070,"data":"","first_seen":"2026-04-13T13:34:34.626821Z","last_seen":"2026-06-24T22:07:01.154067Z","times_seen":2603,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/1342-e39ae382517d6e27.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b0b6471e752a72a4a67baffa5e490d6","sha1":"b22ad340a0948c9fd128ad7703281b20d3a2f91c","sha256":"4234be7a3de7cd09bdecf233b7e03b08945e08acbfe8203227aaa856f378c39e","sha512":"77a017b0409437148709f41743bbcf186ac0f144c7b82d60f8aa9b5c383587a655f7ee6ff2e7d8d1253bda8d234f6add0b224c6dad08dde55a6b9a4a421f2f41","ssdeep":"3072:2XikgRVZiU7NiK6xkdF3GK0/NtT8aH7fwTqdypuWw+1sGKIzXBX8zY72ibkhfv06:2XNUpieiztQyz4zMV","tlshash":"7565cde8678526e5bd4cddca5940b4ac007980370dfbd1cceb2af4e740b87b746a9d26","size":1449011,"data":"","first_seen":"2026-04-13T13:34:34.691135Z","last_seen":"2026-06-24T22:07:01.169818Z","times_seen":2597,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/7580-1e05813e2213c2fa.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e95d3438a4d191ec149a209f2321321c","sha1":"ad5631919f911a7b20854095d4cf3b10658d364a","sha256":"764376cf71ad9d64078ab383b8c383387c50daaebed8409ce6573c4674206551","sha512":"3a4b0fdea4b4cb0a24f7005fd2f41a3473e46b7e5206716718550f868b2249856ca610de63b4c2a8a6e6113480cff06728878f0aef293c7c300276c174579336","ssdeep":"24576:K/cpQlKxQvBIVV/7x6XomFnoMBnxBqyk5QqBQqn:K/eGGqo6YmW","tlshash":"f96539298a6502fdbf596c80ca43345a8fe296137fd789fccaba6e1447b46df0301e51","size":1451511,"data":"","first_seen":"2026-04-13T13:34:34.697666Z","last_seen":"2026-06-24T22:07:01.158316Z","times_seen":2600,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/1617-516db04f21137a6a.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"24fdfcfce61be021904770b2b372ca81","sha1":"bc6a8555479c61ba37ea932d435e967aa1b28420","sha256":"d95d061529e6b787411e9de741b9946e0daf5da613c585a1c9ce261c18aa12ce","sha512":"f60ec3821ceda20e18cabb5a1a2b0f1d1e1de6d97c049c912c6ef61cb827f169ae6dfb45bba561ec96a4f5ed9454d3ca07ac3c707aa0bac224f9736c56df84a7","ssdeep":"12288:yzq3gKoizq3gKo1mTkcAA92TkVAA12TkVAAD2TkVAAF2TkVAAM2TkVAAm2TkVAAp:+","tlshash":"7a55fd4c8b6602ecab986cc0ca0770558fd586177fcb89fcdebaad145bb16ce0311e56","size":1310318,"data":"","first_seen":"2026-04-13T13:34:34.702982Z","last_seen":"2026-06-24T22:07:01.154789Z","times_seen":2602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4f58df8ef556437633bb90cc31469c4","sha1":"c1c713bb5046a54cb79a8e7537b6d7fca624fd45","sha256":"2dcb2e50c883929aebb7a64a7a22cfe2260d856a3c36a6926c082da19c552b7b","sha512":"54c8a79f5897cd198db689700c24f950ad7fe19eed815f8bfa0e47428701d8c84a1fd8f677a6f1b2a4f1443f35f2dbd19e6f456ceeebfb1c59275bb356e1a5e9","ssdeep":"","tlshash":"bfc02b041427c47b421c6f4dc02243d4e4b020bcdc492480801d181800d0c313b40cd6","size":130,"data":"","first_seen":"2025-03-25T18:26:20.414558Z","last_seen":"2026-06-24T22:23:06.072532Z","times_seen":46461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/249-0939437a59f2504a.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c3f51dd99a0be861049ebd4632a3542e","sha1":"3d08751beaf09ce31d44722d42da0650b0fc914c","sha256":"10976f7c91d6bbc5f35b9cd987501ad59a99b2a162a74b0ecbc9341afd0322d4","sha512":"4d67fb8e55edf461b142a253a2a20b675c1e9bf2c65ccee6af44d85dcf05b0467b1ce35a7f96a0f8cacf5c0e5c22ff530754f8286ea07eb6d339d72dae198c76","ssdeep":"3072:BF4UMvqBX6EG8q4H7GRxe8JTDUkan3busQd1yKlvRnTT/vD3Y46m+OEL4uFAQNgu:34UMCBX6tdDHV5kD3QPRuN","tlshash":"3d54fb0cf7fdf3b919ec389a364d0c3bd9a83a35d3b5625249d0f3ea9444cb4016a6a1","size":281586,"data":"","first_seen":"2026-05-13T18:10:45.999462Z","last_seen":"2026-06-24T22:07:01.11554Z","times_seen":2550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/2643-f0046750557ecfce.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"22e80ddc9f6a618a74ae2024b1368d41","sha1":"92a5cb5a65b6db5e9fe377f30c867d91395fe65f","sha256":"cebfb1f5431b46b051bea9d7bb688099a15ae2d0bc9d906fad0678294dce11eb","sha512":"96d815f6d514ef47fafeed39af74b87f862781c464d29d2983b0b580da47867a08fe38b8f4cec9a32f181dc4174b981ade00e3b797cc8cdbcb48a0e7446a071f","ssdeep":"3072:lhsm2vphspSZ5qYHGKTG2Ucav/sLJ7T8Z2KxTofh5p0yEdQ8IeCp5+V0z0DLdD3K:Q3koZ5XG5sdSqfhwyEGASNBpH/","tlshash":"83440c2769c4127c2bc362569d675e4ef35ca918e215b419f3d7ca3d338c8c4b13aba8","size":276387,"data":"","first_seen":"2026-04-13T13:34:34.673947Z","last_seen":"2026-06-24T22:07:01.146265Z","times_seen":2603,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/5917-79f62dfd025e2ed8.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ca06f5f3bc0e7272635d3eb7fd21689","sha1":"9ada53daf4ba90d7f3753119de9706dac516b031","sha256":"a7ac73769bbcfdd03f2c92b49440dd8246da8b33ff1480bd52fd213c69045386","sha512":"18bb91ff4c12dd5797f0e207c14c4f4e0830ffbf831a158fb1211fe8c56d36f5f697b29a0173387beb98dc6c1e7f96562f20e8b3231d275030eb60832bf4066b","ssdeep":"12288:m9kU1wEKxHLIPrsjbDcvnTJmP0I8y/PEg3Ahkz1epv3BoKuW+xMQT1y5EVNy5EVZ:mrwEQ9OHeH","tlshash":"5e35bb4887aa42ec6f9d6d80c607744a8fd69513aed789eccbf9be141370ade1311f42","size":1153840,"data":"","first_seen":"2026-06-24T12:24:23.602777Z","last_seen":"2026-06-24T12:53:43.396196Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9564-0cf3b4f099c86954.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f1133f31f38a7764ffc9bd1b3df097e8","sha1":"d5d2b6cf4dec8e50720d6754d015bc4736f6c72e","sha256":"5aec2933ae085f9a1203fac9a6a05a2dbbb5a4e92ceb66b1124084dae588afbc","sha512":"abfc85e1473134449c3ebe247ad09931b39c01a2b43e65ed5f863b30b2d791ee25b24d9335cb778771683c3ba87d996ddbabd6668d089e932c3e8d57d92cac20","ssdeep":"1536:sAvhk/n1ED3wnpzktrXFlnEA8aqLE4++E/NL7:sAv6/n1cIzk9FlnBCLE4++E/N3","tlshash":"9d531c8cf3d4f2a927e670ba283f1c3bd12e7a34971990645794e6b42549c885233bf9","size":61557,"data":"","first_seen":"2026-04-25T11:58:25.658808Z","last_seen":"2026-06-24T22:07:01.121243Z","times_seen":2589,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/4577-b61d38b6b034d783.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"41103c0b0ac58161ba21e497c169a924","sha1":"c88e93fcd1195642c4470d4016f019ccd079aa1d","sha256":"be4819967273ae5cd6b750269b38df275e7de51ed59c459e52be1a3215abcec2","sha512":"008a7a566b759f0ad50cb551e1456f93aac047c0ae8c195c29e7a590acc5cc5a447be5e6dc17109e5de66ac7dde5a1a6055e83f64fcfc296ee418150c4664491","ssdeep":"12288:GxIYTLljXNW4D93yq3F/1hWJ24cvYkwl/eH3q0kCwI3UxrfZfM6A333xJUgHAsA/:3/cpXlKxUvBIVV/7x6XomFnoMBnxBqyg","tlshash":"8355c42d8e6641fdaf186c81ce8770658fe2c6432fd785e9dabb6d204fa158f4301e61","size":1365559,"data":"","first_seen":"2026-04-13T13:34:34.693793Z","last_seen":"2026-06-24T22:07:01.166528Z","times_seen":2601,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3047-780ecd63e8341fd0.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a45ff6317fa4327137123bb7bfa8d4b","sha1":"bc1ead1c1e57bc9d70d9ce61b6580fcff62dde6b","sha256":"52347ddc20c0cf9d1a0b8d9b4f7324defd9706465148f58c081f4c07848b1d65","sha512":"714d24afd1fc0a2eda39f7f9793701b61d9b29be01f251c4cbac43a76732bd29c0352d99eb68cb43e69e5670f847ea3e8b4ee9593188b64937437621993ec32b","ssdeep":"6144:fT+0+Qhv42Fh0idHSlq9p0jy79DMHyPCij6MIVs/e5rKYfxGAaXaifqUMjuTH8NT:rrfOR1","tlshash":"d3644ac871c1f4a8929361a6803f050bf23d2e2de45d9454e2a9c8d87979dcde237fb9","size":316805,"data":"","first_seen":"2026-05-13T18:10:45.788088Z","last_seen":"2026-06-24T22:07:01.101465Z","times_seen":2550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/7185-909ee90aaf995ae0.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"26b6258ebec6e188d9877da6968778fc","sha1":"3d94231dfd3a34c321124245d5ad972da0fe9795","sha256":"2b06c7704958dd4fb2a69b09685d6a996f4a0c2bdd4309eb893d60c48da37cb0","sha512":"9d46d4329830556f9532582784a66e129e43f1359d233bade23964a2469ec8e40cd3e835da087119b39e8d02d5695d8b29050e60444564311394a0194670c280","ssdeep":"6144:QM59C1szfrCWDw32B9SKUVG1DmeSafWTnp2iYEGeuD+ji8ktmHUVYL83uS2a46Gn:mO7w3qEKUVG1DmtafWTp2iPxKUN","tlshash":"12e45d1d72c072ac17c363659a2b581ef36e596de125a804e3dac93c325ddccf13aba4","size":714479,"data":"","first_seen":"2026-06-24T12:24:23.428269Z","last_seen":"2026-06-24T12:53:43.3805Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3275-bbdcc2e176783c7f.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"29fc6e35b3ecf993dba69228545f4d1e","sha1":"6d3d45d5d6e89c4c0c4be382359946c7f0c64529","sha256":"23fb767865b4ce96a897782c29d5a975a49d03eaf182146c61cf437eb690eb62","sha512":"17baad66b6b4cb23da59cdd3a0d01eccca6dcc23a46c7dfd990ebe03b91eda2b8749261247e731ec40440fe1380174321def6faff0fd888fa18663fff48e7a1d","ssdeep":"96:B6MlXsyMUxCCPs1VAbAvHbhPfjBItMbk6wd3E6l7b+5UYwhP7gb:/XDZ8CPuCsH9PFItQAU07wU7P7gb","tlshash":"ffd19961f091ebe4f8b708e8952fc40e726b2644d61948e1f5bbb8701b101f87b27f89","size":6161,"data":"","first_seen":"2026-04-13T13:34:34.666569Z","last_seen":"2026-06-24T22:07:01.100056Z","times_seen":2600,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/6544-b0711005848a5ae1.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.137Z","timestamp":1782305573137,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/6544-b0711005848a5ae1.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B%2BF%2F8gecTgGHrjNrzXmcoBeLECr4BXVBEA6Mzo0p48NpLz5ZUrvooio9o7RwTnhHTL2PTbRGscrRatL23P6jz%2FxHopVJT%2B15OZDnYpQ1PRRpir7eBzcWsEqXm7HcIclNaaY%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 192136\r\ncf-ray: a10bdf482f1a5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":932011,"size_decoded":192900,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35586), with no line terminators","md5":"39a5893ca0e9dde921d815faef0cca25","sha1":"bf860904497bd9c873fbc6c44eff66b61d990a44","sha256":"69a245030c2015ad280eedf3d0e5c896f8672d6803277ee2b15aa20e24595450","sha512":"439a73175b07db2985b9bc16ca9a6b5a029a041d3285e4c6c6e74e3749a85c41cd2db6a0999dd0aad865f389558e77a38bd1e42f36a27d3ee02a6731b9cbfc8b","ssdeep":"3072:LxF1G4zn2Qbx7Lg5H+vCWpduOhWr8BqUH9d8YFdNWRmfewJTLiAezha1h5L2iQfS:hO459yOCd8/qGwUM3qMz74SIxTrt","tlshash":"3a15321cc778b7b12fed398936490c3fd66db570d7a202566994b3fb1088ce0506abda","first_seen":"2026-04-13T13:34:34.701686Z","last_seen":"2026-06-24T22:07:01.099373Z","times_seen":2601,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9796-477f833bec802edf.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.144Z","timestamp":1782305573144,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/9796-477f833bec802edf.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UCTAz%2BEDX%2BKLxcdUcc52pAuZ6MZ27ETCZUFLf5O%2B88DyOAswZSpnBWehhz5Ox7xa4B90EzXHJc%2FEZbaEwJSQESUrc93MHitw43w8EiaLYTWsFYKrZy%2BxPhclurudqHr2%2B2o%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 30594\r\ncf-ray: a10bdf482f1d5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":261678,"size_decoded":31361,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3cd700563cd8e58c974d39b5117025a1","sha1":"8adb06045734081c226292a64b902365df367e22","sha256":"92c3493cdd4b2f4c088fc3c1aad125fee7a6efff6470de708bb5363e2c2b9e48","sha512":"89bd514505d7f05dc1d6d9124541bcc8aa98cb80bb21ecbf2ce07e05c4f9767ed6ff1f2ce6a99f5a994cdc9801fa416e5d37ef0bc5c046b18d4eb13df3a033db","ssdeep":"6144:cX68qDg+HzhjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcVQoDMEFilOHIUJW3bXlB/C1:VjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcJ","tlshash":"eb44101c8f7242edbb187c80ce4770698be586466fc784d8eafb5d244ba05ce5342f66","first_seen":"2026-04-13T13:34:34.615711Z","last_seen":"2026-06-24T22:07:01.112619Z","times_seen":2602,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/countries/it.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.105Z","timestamp":1782305574105,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/countries/it.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QFtmuZz%2BG8%2B2vB5TVF%2FXoEzf3%2FZK1wlxivhpjokcWp6oof%2FvHoFKvy1uGXt4D1NxmPHyB4OqgzRNBERhU00i1JSP%2Fzw45LR81Fo1PrjTpLaf%2FcEMGisnx%2F9yFMKXEU8iH30%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 1773\r\npriority: u=5,i\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bdf4e2f795696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":878,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4d4f20f2f1c88447480002bbf675404a","sha1":"e4a918db17e02d130c9733d7457211389b459535","sha256":"41b974254f3dd5b0853af7585c0417998a1ffa52e97e000fe2af3eee2c916d57","sha512":"04e180d7684ab9fefd920a74433c7fdea73380c5ec2588d6174ea6c14a20bdf1ebaf250158977863fd79051cc5012e5da4b9453f88998262b5cdc1672810ad79","ssdeep":"","tlshash":"e7d02b9dd07de0c448229bb03e9e31c142962327364500daf04b271861cc3ef7e41f04","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-24T22:53:55.00249Z","times_seen":9096,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/countries/pt.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.106Z","timestamp":1782305574106,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/countries/pt.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VciOTDiEUfQ8DHbJ9zQEaGZrlXa37InkF2Tcr3zccQJN%2FdlP5L6RfMwy1zzTGs651JUXnqdTvAbKPMTCj4MQfKzAJJtUAEkNmHTT4YI5mcxK2gb4Mu0SdKpmDZsiv5nHXIw%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 732\r\ncf-ray: a10bdf4e2f7a5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1445,"size_decoded":1467,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6e9db125513715df3ec213f701b912d8","sha1":"f0fbb6a6e5b7a068d28792280f397a4b879deeff","sha256":"3054e3bbce0d049b0ab3d157a16b24f7a572a7a45e73d342e3b7b8d5f28f0a4b","sha512":"06c04e06e44b97fc2b4379173dcaa7003f3cc5ed58db1697e0934f96878fc16928e08eef9a0be085cafd61b545718da8e8a7d8b456b57b194a51c1e22128c775","ssdeep":"","tlshash":"4a3174c9a335b0c24a17cfa87f2ef3c2044a67f8291c9884708ba90c3955bcdbac4d00","first_seen":"2023-08-14T20:47:06Z","last_seen":"2026-06-24T22:53:55.04693Z","times_seen":8636,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/css/10dffa892f034c33.css","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.982Z","timestamp":1782305572982,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/css/10dffa892f034c33.css HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5iSJyFlwGc13BXc6lkUBhu4zh79nRMk6LXJOwNP%2B2Ep4vSWP4juYPNpwpyiWbWtC4W%2BMS3SFb1LDXSp1SVri5E8lrH2j%2FeX0OVi0LdW7rKBd9DwrEKXJ%2BVtjQ2ws7MLl4zM%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 14043\r\ncf-ray: a10bdf472ef95696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76394,"size_decoded":14799,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"903280523a763cf14a01eda1a188c571","sha1":"cb8e1fd73250fdd6509ce200f5215a75c6430be9","sha256":"91441a25f42db624a6ab86a8831b21a2a1f2466c4dff5f9d60596bf5c5bc2f47","sha512":"c8350ff391c334c4f5990ee6dee8b883d6158ff6fa8fd0bb5c8d3a1673b76ef3d2af75afccc76b5ba33fcbe554bb9db09202284026401b21af40704edd70497d","ssdeep":"768:91aLpv9OTdbkomfYKekdx/+dYCzEvBvwbniRXpnBv1L:91adv9qd4omfYKxb/+dYxvZwG","tlshash":"4073a6365130a13c7ae76934be98a5cc3136c592ab335bdef05abd25c1c71a73a53388","first_seen":"2026-04-13T13:34:34.68351Z","last_seen":"2026-06-24T22:07:01.119444Z","times_seen":2604,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/muskColorDSGN/mix/preloader.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.999Z","timestamp":1782305572999,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /muskColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ahwjh2Dzm2%2Fdyd7pKgu1TT8lktr7jfgIh2EI7Gzbc8%2FYX2WfEQiAcpZCem25CV8jm5wmUOcHYkRHBqIkEBwc4WA0sJRR7rLF6Xw%2BdO4Rv8vAn2QuHuR3z7Ufy5zJRdXFLSs%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 19879\r\ncf-ray: a10bdf474f005696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72100,"size_decoded":20620,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"850e1745f4385099a3518d32d9145e74","sha1":"69969125e203608b7462ed6f8eaaa2917d48ab0f","sha256":"31ccdbf4baef0e8d2e5ef2d71b200f1b8288afa891e6ea50729feecd86dcb895","sha512":"617fd124ef9ca7077d4215668197b1bd456b3f6dd2063130545d4040c4ae11c1d37a569ad757ff74ee26ccedb5db2f150439c8c515bceef6c0434c81ae46edee","ssdeep":"768:YDpuRdZRXU55SUH2v9rirdHR96Hi3WdoanhrqCLUEBHp5ZuQ+Ip1xLtaD3LxUynT:Qk9eui+hrhUEBn8WXED3Lx/T8QdxGwlH","tlshash":"a06395ed2bf018c949c8c3d7ff5944a92d2a91fba5484908f65c4fac1b85c5eec47ac2","first_seen":"2025-11-16T06:53:31.140817Z","last_seen":"2026-06-24T22:23:06.061885Z","times_seen":19639,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/index.html","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.242Z","timestamp":1782305573242,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://play.kuofax.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1uKW8xyTIfHGTGG1TZv9i3%2BlngUMr%2BO9F06ohLVbp4fqPHXnshKxxlbC3XcT7b9rld6ElJXNNsiLMvvyetUKIqQQvId227v1UzC%2BXYUd0ZAMo2hq5foBi3LnUpOkjE6y8UU%3D\"}]}\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bdf48cf2a5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7151,"size_decoded":2998,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2283)","md5":"3d31c22668b852e3630e8825276d681e","sha1":"fe20c62803b69831023487755713076914997b0a","sha256":"83f8480f7ee4e8a1add1ad8fc664e78e075d494eb5e2453e11c8223c6a5a9ee7","sha512":"bc34437d17531dab30409c22887f73896b873efb6239cc46437d7376f63553311c6c69a0db4a13201769bc8a8ed3ade1912d86f8bf745f8dae27ecb8dd5eed61","ssdeep":"192:EUB4BfBcq1EUTHAqRU87ig7FefSpGB913MCqO:EsgZjHAcpFU","tlshash":"cce185b36d149a2e07a39b9928ef224ea277e1078878ddc5a744542e42c57e88473f87","first_seen":"2026-06-24T12:24:23.385835Z","last_seen":"2026-06-24T12:53:43.339157Z","times_seen":2,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/api/v2","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.633Z","timestamp":1782305573633,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://play.kuofax.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 161\r\nOrigin: https://play.kuofax.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZrkUp0JscW2XIiwTbkioJQkEzS3RnkyDzB4cwva8yGVH6RRn4Zwm%2BHgn%2FitD06t4bB8Pakvwwg2v69q34py0mWEKTo0GJ5n0S5kJ5FEBXMlyGRDNV%2BWpGb8VbfVXunMSKf4%3D\"}]}\r\ncf-ray: a10bdf4b3f455696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113,"size_decoded":740,"mime_type":"application/json","magic":"JSON text data","md5":"39a8a92eb908f846c13ac5565ce43dc8","sha1":"fc5b290684acf5fc871f33a74da287b03a566fb8","sha256":"b699e7b9fa165bed32d3a56e87cb7f3fc0c13040667e6459ad48bcc84baff178","sha512":"4d6e511a5a0bb81308131fe970112765cb00f73b039ad92b5b5f3554c5faa0160f988fe0cd6f89f826e6908a728cc09d1ed5ba436cd121dd445fddc05406c913","ssdeep":"","tlshash":"30b01451c14555345d3451c0415f4d1c445f5553d1cd14d757d573d047d1544555fd74","first_seen":"2026-06-24T12:53:43.340018Z","last_seen":"2026-06-24T12:53:43.340018Z","times_seen":1,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/countries/in.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.107Z","timestamp":1782305574107,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/countries/in.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oCNm5%2FajMb3GP6uNyureteEyBvB6FSu0351y6Qq31KLhXw0w7Xfm%2Bc4jjEwQPNq0U9d0620VCIT4pziuQVHqbW%2FzkHNYpEJ9QuKW8KF%2B3uc%2BKdiWNDil6MvaAymsdWNfFtU%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 780\r\ncf-ray: a10bdf4e2f7b5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2301,"size_decoded":1523,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f0c892dde95804d59b20416b8db9fcbe","sha1":"41f09b07a8c26144aff93575ba4a07a0122bdae6","sha256":"aa82222076d0dd86dc6f37947faf10333212886549a33c4fcf6b44141b702018","sha512":"8eadf55e31f49edebffdb864eeec76900caf6f5163d2e3cf1988757271bb7c5e2c26c3986b4fe5b2f8953e733ea0c4bf4fb3cce0ec4d1010e20f5125abde3ac7","ssdeep":"","tlshash":"2e4165a9717df8cd9b01c6fda63bb9f1b00f50496b12d3a9b55b0f0a481a4fbb0056e0","first_seen":"2023-06-13T16:46:48Z","last_seen":"2026-06-24T22:53:55.053171Z","times_seen":8683,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/trumpColorDSGN/mix/preloader.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.997Z","timestamp":1782305572997,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /trumpColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zn42petJNEEsw5T%2Bzj5B7Oi8%2BWIeuN89RW5%2FcGqwvaIuElKNZo1yd5fJStE4EK682NXgyqdASBvWFMV2ZL6fJmbOxHAo2IucjfrQQychp0fTX7XZZCJMnGBbuQSLXQelfSA%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 38904\r\ncf-ray: a10bdf473eff5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119318,"size_decoded":39645,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"40fbaa8ff12ac1ebf23154c29e67a191","sha1":"a0a3a6c3b2a35874dca992b65fe8651809da05a6","sha256":"234f1a89ac1c64f2b60e7b7aaf30d3ec2cd97acd3f5fc844f4f55256eccaf843","sha512":"5c97f0bcda3d832001d8b751d6140ba2835b2ad34989ee6c4e9b44211dc8dbcb099eeb28666d6555505235ea97f71d37dc7c1a19e62c3a98a0cbd64e3c698ee8","ssdeep":"1536:objgkWcss2wEHMgG7RPP1VLatHLKazXxzP4D:TCB","tlshash":"edc360fc1af062cd88c0c7d27f69d2b93c17a3b798580805e66c5f5c0b9a96da851bd3","first_seen":"2025-11-16T06:53:31.134866Z","last_seen":"2026-06-24T22:23:06.031821Z","times_seen":19635,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/4577-b61d38b6b034d783.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.109Z","timestamp":1782305573109,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/4577-b61d38b6b034d783.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pcYUIFIV7zWc2b0ne%2B%2BMl1Bno9LbwuQ77tyCaScEkUtHq%2B6wCLdRu%2B0dvwBW906JPhDNGK3hG364Bqp%2F%2FH1Z9fjVXwxDOh2dZ6Xb9Zu6blBJhWXIgJXzDieo1iQjnoR5Gzw%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 612001\r\ncf-ray: a10bdf47ff0f5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1365565,"size_decoded":612769,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65494), with no line terminators","md5":"e6668d8af07f665bd6a728ea389b8445","sha1":"b44451db9a442a5be3cd3e428eae187031c8e6ff","sha256":"d66d82d7f23df37ddefc4a74bf15ca47b58e44f24171b875bb7911b865b5f17e","sha512":"cf413d7f97c7cb9a5f47be1f6d015d3cf6e0379a70e3d9e9d649a4640fea030eb4c6855f792b9583bbc963559a7a9fdcc8ef8febbca7e5d9a1c814a5ba722b5d","ssdeep":"12288:GxIYTLljXNW4D93yq3F/1hWJ24cvYkwl/eH3q0kCwI3UxrfZfM6A333xJUgHAsA8:3/cpXlKxUvBIVV/7x6XoG","tlshash":"4825601c8e6641edaf18ac81ce4770658fe2c6422fd785eddabbad204fb018f4351e65","first_seen":"2026-04-13T13:34:34.653552Z","last_seen":"2026-06-24T22:07:01.1026Z","times_seen":2587,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/19-5bece4aba82fb776.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.111Z","timestamp":1782305573111,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/19-5bece4aba82fb776.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FR51yXqOCDGSl71T%2BVgxW7SrflgnMAh0F8du689lSxRLB2Wn%2FdNawg6tZkgwZi3YGFvTuM50XLpf8E%2FGWm1M%2Fuz%2FHsPemLdkp5dr%2B1poI04MP8kXwHMbdaJ1BbFpQ6KSdBY%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 347128\r\ncf-ray: a10bdf47ff105696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":936675,"size_decoded":347896,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"499ae782218e46ba0165104a99a4ba64","sha1":"dd6335c8003db8dc40f3b6e5fd9ec389bd5679a4","sha256":"7930fcc2462bd18b8f3559392d9d610cb2a4cf2aad270fc533012c2fa8560ab7","sha512":"71885acc13827a064e0430afe760dadfaf8afacce9f7dabc324d265d126140a62d9baac56cb09e1725cfedc955eba79c0828bd9891ee524aa7d19448c1557aee","ssdeep":"12288:EW2sqZNSN87vIomx0wgH+vVWQo7AN3zoMaaql++gWuWUC4Qj8zINa8DPeo7B53zW:9NgvIh/VSUVPyzLW3fxz","tlshash":"02159459ca6602fd7f586c81ca4770698ed282136fd78afcdaba7e1447b0adf0301e51","first_seen":"2026-04-13T13:34:34.636004Z","last_seen":"2026-06-24T22:07:01.098698Z","times_seen":2602,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/css/d599adfe9f648657.css","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.984Z","timestamp":1782305572984,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/css/d599adfe9f648657.css HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=okc80UvYRBOeBb4q20N5a24mmugn4hLqOOpwku6AvPHKAVIPrhSLNrjhe8wdJhlhmHFKsyPGJHrkbXRqQ5cmmlpRHMVLcx9x5vQU7KQhpaf7uzjbPG3gzTFvGSrvzLROcoM%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 12193\r\ncf-ray: a10bdf472efa5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68963,"size_decoded":12941,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"689d6845a37e6a3c96ab9a76cf8f0420","sha1":"2930484cd58c8e849674195c73059425e6218d6a","sha256":"619447f843bd1558d398fc6c6548f2802566678eb7a6d1621fb2aa0b3c2ab977","sha512":"a467b0712c19a7d4866dee41cef2013cdf1509ee800a86860377e0eb4b217bc52a8d21a57b5695cd1be1fe81211ed007ffc07bbd6527d6a55e378eb7949c1265","ssdeep":"1536:SDzk2iKelS7yUAdO3CmoZV/AdBN/dilkbP6/4Nw9cXw+qicehzXu7VZ:F","tlshash":"1563b8715378f03cb977a82375819ace706dd203b97366dee5a4b43a80c76933a2274d","first_seen":"2026-04-13T13:34:34.644587Z","last_seen":"2026-06-24T22:07:01.150841Z","times_seen":2604,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/2643-f0046750557ecfce.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.127Z","timestamp":1782305573127,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/2643-f0046750557ecfce.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n6LeItWgB1F3RXJzPzTsgPMdQRgFlhz6CrQT97qNJovlCkWuiMsyree5zsIH1V%2FxFgZ9mdB1isHCi%2FoQbrrVxzqrlkFfttDfh2j0KvPCmmdCwAc3SGJOfOdKKiK6qHwTSVI%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 71174\r\ncf-ray: a10bdf480f155696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276387,"size_decoded":71933,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65438), with no line terminators","md5":"22e80ddc9f6a618a74ae2024b1368d41","sha1":"92a5cb5a65b6db5e9fe377f30c867d91395fe65f","sha256":"cebfb1f5431b46b051bea9d7bb688099a15ae2d0bc9d906fad0678294dce11eb","sha512":"96d815f6d514ef47fafeed39af74b87f862781c464d29d2983b0b580da47867a08fe38b8f4cec9a32f181dc4174b981ade00e3b797cc8cdbcb48a0e7446a071f","ssdeep":"3072:lhsm2vphspSZ5qYHGKTG2Ucav/sLJ7T8Z2KxTofh5p0yEdQ8IeCp5+V0z0DLdD3K:Q3koZ5XG5sdSqfhwyEGASNBpH/","tlshash":"83440c2769c4127c2bc362569d675e4ef35ca918e215b419f3d7ca3d338c8c4b13aba8","first_seen":"2026-04-13T13:34:34.673947Z","last_seen":"2026-06-24T22:07:01.146265Z","times_seen":2603,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/favicons/greenColorDSGN.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.488Z","timestamp":1782305573488,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/favicons/greenColorDSGN.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TNfV735by%2F9MjgsaUDo%2FRArZezx2PwzBScvYS6DG2q22fxzBkeO8Udmxk0zFjsoFMQTixqGeTgZUNzCmmz6C1zIrbO3nlKhDM4tNYPoumgA%2B6ms%2F%2FtSQZcvGY4Yqu8P1ZgM%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncontent-length: 750\r\ncf-ray: a10bdf4a4f375696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1468,"size_decoded":1496,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"50679c0c5e3ed56d05c1d0ed312419a7","sha1":"f9ea27ac71a78da2d61e14b84ea77ce447920d9d","sha256":"c164e1ea36438d14fea9b88996d154275a4c92fd80bfa082c7e00a343f241147","sha512":"163d4097d60ecdcf58cd01ea828e74491b0e27fcf3d40a2e7c56e6c90042d6d9a9b6cb18825052caf8799836ad35a44c1c88ffd2c35ce5d888d23716c27dd0f4","ssdeep":"","tlshash":"a4312e9e77fea185f448e7f8023999b932d36cd33a04d8282bc00c02e98091e9c9588b","first_seen":"2025-09-26T11:40:39.971586Z","last_seen":"2026-06-24T22:24:56.409226Z","times_seen":17879,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/countries/gb.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.016Z","timestamp":1782305574016,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/countries/gb.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XyRX82iqB%2B5%2Br%2FWaAAHSjw6QuuhXiat8DEdMrq5x9f0oVayLjrwoBdduFEET2ro%2BNnmBKfC6Y%2FAUrE7R61UISWeIh1w9lmpgzuPh0%2B3P4SOgTvDO999fE8aj98S9Cl2wy6U%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 659\r\ncf-ray: a10bdf4d9f695696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1183,"size_decoded":1404,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"99a9e5571c2f5acd9cb910ce6a3f39a6","sha1":"876935939a01dae371583220f75bef15b5185c68","sha256":"5ff2f32ed6905d887f7d771029c1e65b1ef059e92260b548908cabb4e886bf19","sha512":"14cfeeacd8e2f9b67bf2e1f5b2823a98fc60854fca5afd0b10be72ad647ffd38aa4058188451c98e2045628706f0b84dcad508fa901ce146705102fed962de1a","ssdeep":"","tlshash":"ea2163c84370b5c059a74fba9f28a2dc924925f9ddc96ecd10be0538445ff5ed01f009","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-24T22:53:54.98989Z","times_seen":9333,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.kuofax.com/","fqdn":"www.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"69.67.173.34","port":443,"asn":30295,"as":"2ICSYSTEMSINC","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T12:52:48.135Z","timestamp":1782305568135,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.kuofax.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Jun 2026 03:55:20 GMT","end":"Thu, 17 Sep 2026 03:55:19 GMT"},"fingerprint":{"sha1":"9B:4C:DB:91:79:FA:70:AD:6F:68:06:38:52:DC:EB:EC:75:D7:3D:02","sha256":"73:64:3B:D7:33:AD:99:25:A2:BA:3A:32:61:C3:31:EE:F2:52:D6:2A:14:D3:70:22:41:62:EE:E3:BA:8D:4E:EE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 \r\ncache-control: no-store, max-age=0\r\nlocation: https://play.kuofax.com/\r\nreferrer-policy: no-referrer\r\nx-content-type-options: nosniff\r\ncontent-length: 0\r\ndate: Wed, 24 Jun 2026 12:53:24 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-24T22:14:31.733879Z","times_seen":16692254,"resource_available":true,"data":null}},"time_used":4417,"timings":{"blocked":-1,"dns":4005,"connect":132,"send":0,"wait":133,"receive":0,"ssl":147},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"www.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"www.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"www.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"www.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/css/ce4a94f3f717c248.css","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.988Z","timestamp":1782305572988,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/css/ce4a94f3f717c248.css HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cJZRuxGvhv1nMtuvcEhB2p%2BJ%2B8LbURbv0r66ZmZMNS%2BfTOBP8p1aA2oydbLf0oluQI3Ff6Wddrl%2B3485oFGDncIDC0bC0qGuVz4LPPz4YG7sY0%2BZkGbRWCXCi3TEfWViSbM%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 5672\r\ncf-ray: a10bdf472efb5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29159,"size_decoded":6429,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (29159), with no line terminators","md5":"46ad4b92478a51e4234fdd6d675c9f3a","sha1":"649d65f39d1733aa5d13bb1f20e773e089ba6620","sha256":"8c2a5bd34c98a97841f128779b43cb8346f7ec1a35adefdb188f32eeab45bc67","sha512":"0f77212b79bb5fefe13b10066fa75ad94c9e4308f9bcfb246d77d96c9b67b6a442ace7fbd0cadd1f6dbc3f50b0c7418b49733fcded43b1bcb81459b605492059","ssdeep":"192:+rbxEXPgGgaxVOUzM6YLWBHo1Vc/nJdcdISbwWCnZclaumSgGBhS6lPxT9nqhC4M:+rL5UzMr0IgfImKwYAMRfmVnFI","tlshash":"d2d2a432a124d13cb8b684627e95e7de7058c203da7756faea41e52dc0df5e33b62308","first_seen":"2026-04-13T13:34:34.624049Z","last_seen":"2026-06-24T22:07:01.142438Z","times_seen":2605,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/7580-1e05813e2213c2fa.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.107Z","timestamp":1782305573107,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/7580-1e05813e2213c2fa.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OWM5JIQ4UXWO4tT8v9DPeYgfWuwvc%2F7X4N4T7wet7xwsCaVtc7FrDdD3xy%2Fwz12uej3CSKxwW%2BIyQtcjFyFhPtNNz19yMv5pslsTotzyMR5HzbchDbCpmkcldU5k1NqoznY%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 714375\r\ncf-ray: a10bdf47ff0e5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1451511,"size_decoded":715137,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65485), with no line terminators","md5":"98c08cdf440cab4defd3a6756db58173","sha1":"cb0468f2d2d3816651663fa0bc74664e8f52d407","sha256":"717efa16b30d921eb2daba2cc677ba5fbb7fae501448c81e214bac6760160ef4","sha512":"a124530866a44814fac196a6b626cacb017d2bc4dd8615f0aaf634db229322b4e40d9e6a8b360b6632e76f7679435ec94dfc5feadacfcf0c5e3a65fb89ef1eaf","ssdeep":"12288:EJe2e02xEzaIGTBrfzLd91WJ24cvYkjZli4CnLPwGDkiqCCE+WTjjXHPxy0D8eUX:K/cpQlKxQvBIVV/7x6XomFnoF","tlshash":"e925f7198a6502fdbf596c80ca43345a8fe295137fdb89fccaba6e1447b4adf0301e51","first_seen":"2026-04-13T13:34:34.686233Z","last_seen":"2026-06-24T22:07:01.148886Z","times_seen":2597,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/8648-b9a24ba9b5bc0c95.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.152Z","timestamp":1782305573152,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/8648-b9a24ba9b5bc0c95.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rdBAzcWkmDlvc03Uca7V275jLzCjcyfzG8NoRd6KKPCwavIUZ1zhVc4sKEavBAJnXkgHee5FB0lAQALygHs7ZV5VzoBOxFkvWHZPuVxjQa4TT4fufphKfxRayaWYJR8oQZw%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 35166\r\ncf-ray: a10bdf483f205696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144939,"size_decoded":35921,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65454), with no line terminators","md5":"64ac18239b88412b51396962f715bfaf","sha1":"6f1c3b2e5221f7fd0a33a21b71b0da115104ac2b","sha256":"4de421b3cf3dc153ea613007e6284e3e83ee7138bd9c660d7f1388ffd21951c6","sha512":"ce61e11a8c1c7a344093f0ecee44b223822dd41971f92d0e898f27dca45d5fb4a5d59c999ffd9d17978608b49810df9f3a634021abff011d15446adda073b139","ssdeep":"1536:Trle2nu/m82CFnMxwZCLVfvDzQjpY69xAq3CDQJUO9fEVJoZ1NbpGGVitgmdAYb6:TYUH821Ni95SQJxfwURk5bseKbsK","tlshash":"1ee3e889f191f2fca6a224a9412f444ef22e3f4ce5255410e6f8dc083a586d9bb37fd5","first_seen":"2026-06-24T12:24:23.424927Z","last_seen":"2026-06-24T12:53:43.348908Z","times_seen":2,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/bg/landing_block2_semi.webp","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.037Z","timestamp":1782305574037,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/bg/landing_block2_semi.webp HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/_next/static/css/10dffa892f034c33.css\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IT%2BZ1Hi8s1U2GvTBTWHxy%2Bb6hQ%2Bk80g%2BMPbHCZcthTkMw2DgtkMU2qaAiu%2BekJqMLg1kIjxd%2BOUfY%2FFrUTNnR6Sn9794efL0HKlOX37X4bp3mN7HY210Eb9dbxcd4PPgUvU%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 182377\r\ncf-ray: a10bdf4dcf735696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":182372,"size_decoded":183124,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"03a41ebfc2822966ccc84b5f11fb4f37","sha1":"8a03e5c17973d563e27d03be49e710e14c70d862","sha256":"c6c3494d6e8ce461c4d7b6d1003a9f6c5131d4bfbc81150f033713cbd161c50d","sha512":"feef02093801d484436151ede3a28e4a652c7614aed8bd49972100bc8e7fe24d276415b4be84c6bed0ba871af142c1ca12d405f8a7fdb2d43f9820dbcefc3a62","ssdeep":"3072:ReuoArLIEpV1NVfhqB14todZgaqt6eOLZCfBEunnFvrQbOPPFp8+AjJZP5o3mCoA:o1A/vfh+1Tiaqt6H1KtYOPnaNg3mQ","tlshash":"5204122892bed919d2d85bebc73d50da380cdac3ece73623df162435640c9d39722666","first_seen":"2026-02-06T07:23:24.025684Z","last_seen":"2026-06-24T22:04:07.773727Z","times_seen":5530,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/mix/landing_zeus.jpg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.014Z","timestamp":1782305574014,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_zeus.jpg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BNMGKJoa8hQdwMbc1RJNjI45noUiIt7sLfRLdUNpSqn%2FrItS%2FRjUYJE5FVmUQMeaszLsR85IDlziS6dT1z8Gg%2FTUTgD2TNGkloycK50FFNAzM5uD9JLStKbh5b%2BrA68EZzk%3D\"}]}\r\ncontent-type: image/jpeg\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 179638\r\ncf-ray: a10bdf4d9f685696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201878,"size_decoded":180381,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2368x1028, components 3","md5":"28ddcc23e4d8be01380e65e823904d84","sha1":"fe6cf680ed934ce00bbff66393dd076b15184486","sha256":"ce31ce6181ee64d6d05347285c6b04765859159285cfd706b617e02ab2851839","sha512":"375fd38d2afd987610235da2f48799220b401b999f012bef5d83e079e3f6142bc425d5d78991f35c8df66c88999adbb165399bd5887da34d9e2c9c495d7d327d","ssdeep":"3072:PpZCDctONi+s/9M9EpUdbnP7uAj0Mc85RjRdr/qHrDIDzyiN:L64I99P5InGjRdr/qHrMDWq","tlshash":"001490038c1c8b97e52993e4bd530dac2f592b5ce9813aff05231ecb7e645265dae01e","first_seen":"2026-02-06T07:23:23.986859Z","last_seen":"2026-06-24T22:04:07.768968Z","times_seen":5544,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/bg/stat3.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.036Z","timestamp":1782305574036,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat3.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jcmm6PNO6uarAOsgZaUqnOFc9tiHbfnmnWARGwzAFoo6S3uz4nC%2BAe4bbmqGjEkCtoq0oXuFoQYLx4ij6AxeFyrsh0kuAYHuyL8iIEcAtE3NbQ%2BmJaogIC6tnu2z2rhxAjo%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 1945\r\ncf-ray: a10bdf4dbf705696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3827,"size_decoded":2683,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1b07edac84752d7c56e382e1f7656115","sha1":"1ab72bc6895070dc7d55c8d87d4f4f907c19c019","sha256":"979df951bda3030c2abf6f6508fa7d5914c95535e4c0ed1f20a836cf2857bcbe","sha512":"97c1a7ff703378b6ae5555c686ab628ac9387b52614d1144beb72d575391ae717a0e25c981a4de8366948338760c57c8a8c19913f1d8b37661a2e96c1496af66","ssdeep":"","tlshash":"9a81b4ef5fd402b4d889d3e7ee3214993e4360fa5a8a0d04f36cae89575585cdd1a8c3","first_seen":"2025-09-28T21:41:24.193021Z","last_seen":"2026-06-24T22:53:55.051929Z","times_seen":7931,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/bg/footer_support_girl.webp","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.039Z","timestamp":1782305574039,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/bg/footer_support_girl.webp HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/_next/static/css/ce4a94f3f717c248.css\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=84zZIT%2BvrmzQRTlM%2BzYZNjZjncB7l%2FCFbyZtSw78V4yRRmMa%2B%2Fg6rBfh0s0fCCndos7Rn3RmcDc%2FzxsA8aTpaYYty3LQbG5tAYOUmQVOEoi5tb5rQnLBi1rXoupBzJ%2Bw0gE%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 57854\r\ncf-ray: a10bdf4dcf745696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57850,"size_decoded":58600,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5faac5f71c2e22c65bc69c285c0d3696","sha1":"fca1321d83571cd8e5cc3675251b7b1494657524","sha256":"9bdf3122176092018f424668f17ff2671b31372edca458b79c74cd9d499098e3","sha512":"2313bd524395624d329705b1f80dfbad7fe65729a4b5e02a2822ed990a6f9b0d78081b08210c70666d4b6076827ddd27948179654db24209eeb65cbe2ac9a5ee","ssdeep":"1536:MO09/ae5eKf1sIYm1Utg2OTeeydxh7F+euCxPO5U:69d551srmOTOTp+b3xPIU","tlshash":"ce43013c7ae9b930cda1243a4325ddd59c20c652f80b346abf9d86907224d7c9fc39e6","first_seen":"2026-02-06T07:23:24.013748Z","last_seen":"2026-06-24T22:04:07.774513Z","times_seen":5530,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/countries/es.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.100Z","timestamp":1782305574100,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/countries/es.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DYShPBlVGdvNjwKWPN6zbQ%2FTeS2Mz9ROBMkmbzS37yzNcXZEjopGyKUGs8cYKT70g3E6Ak9%2BAfpG1dhC%2FfqZMXLHBJ1SgQwB%2BIEWV7rVBarTO7eCdN3WB3UN%2Bf0tbDobg8k%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 333\r\ncf-ray: a10bdf4e2f765696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":629,"size_decoded":1076,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a8224968196d0dd6d84e44c98093c280","sha1":"882b8a579de32e24e13e999b411abd814071cc2a","sha256":"f8cf69e4d0d285ff8e9be18f239b65e38fe1a235086a8daae53b1baa1e7a3557","sha512":"096da45f1e9c9fd020364a51f387110fe6b08969d607a52acd6acf7f01215e15ebb88c93484b7aef1392143f744ca491f8862151d5c4850ec8f7b9d4d419e870","ssdeep":"","tlshash":"bcf049c5743db18388098b742d6e70e6408e721b554814dd70079b28a3aa3df7ac2f6c","first_seen":"2023-04-17T16:03:39Z","last_seen":"2026-06-24T22:53:55.007371Z","times_seen":9081,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/fbq.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.990Z","timestamp":1782305572990,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/fbq.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hKgpzA9OCwOverEbpYFVthA4sTATPEjdVCs0NpKaMOQMQVK%2Fxkb1nOLXygiGYdno3bu9oNzCp1qwRorIQpCmYv3LMICeAE1jtf2rvM%2Bx0eWFxyoTGZH%2F56vi8fYWF0ZNG9U%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 1774\r\npriority: u=1,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bdf473efc5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":408,"size_decoded":990,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text","md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-24T22:23:06.007887Z","times_seen":22281,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/bg/free_reward.webp","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.026Z","timestamp":1782305574026,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/bg/free_reward.webp HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/_next/static/css/d599adfe9f648657.css\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rnq5RmI73LwkfxkwBzt8RR28hP%2BEnGv8V7yGWB00YpmdSltCKuMtU52ATtjHxwamv1RmyvtS%2Bi7SA4yHnrfaEF6IYPaWBHM0cApW9Tq%2B0YIo1qsOu%2B0%2BX8wXu33Ku8qP3Qs%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 9606\r\ncf-ray: a10bdf4daf6b5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9602,"size_decoded":10347,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 390x108, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9ff1da902b946265f24272fc301815b3","sha1":"395daddb9c99b6f15b2651985a115e6395128db6","sha256":"67f87d0d17d6c7549cb8dfca755651258f123d24bd28e67bf90a6d1777831edc","sha512":"3e60ab0677a151c7eee4111c0269503dad38b9e36e9a7d52e540968d642612aeecaab21091a3c3795943bfcd701b51efc87ffd283a8273a4159484de4a362e29","ssdeep":"192:AXpAE6uvkjO9qzNScQt9EXi9N6y7D+AKbr2i5+q1Hj70rl7zkmt:AXX6s/9qzNIjr7cbiIRjorhJ","tlshash":"35129e54b67eeac19fa7c5ef26f093931236a77d11b1e8c3087d1ca64464930f384a1e","first_seen":"2025-09-28T21:41:24.335314Z","last_seen":"2026-06-24T21:59:10.460946Z","times_seen":6647,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/1342-e39ae382517d6e27.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.091Z","timestamp":1782305573091,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/1342-e39ae382517d6e27.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ny2WRiSNrmgmzhwjiOWKGmTJUM7rKS6O85RgEyhhXmAZhjMQHpWfMgzcNBpJEqY9wYg%2BY4AkZbzZLbDr8f7ltxisyQlW8SmNEJrGQkaYE69bR3%2FUXutVPBkcoZxYVbCEbvQ%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 544934\r\ncf-ray: a10bdf47df0a5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1449011,"size_decoded":545694,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6fc40cd79ee8752ee16a42d8de3a9836","sha1":"899243cd2ffe7a5b0aade6310d845f5f47289847","sha256":"0a935b2d469e703bd6e72a9f682823d483fc28d56f3a663787b9c21498d9db30","sha512":"13d3b80b739af5022c6c89df890e60ee7ea4607afb89204aa6fb7d43e6350cdac310e4a6d25be33703fea38f4cdb0ee7f1197766b97df7d197a6db1dff6459b3","ssdeep":"3072:2XikgRVZiU7NiK6xkdF3GK0/NtT8aH7fwTqdypuWw+1sGKIzXBX+:2XNUpieiztQI","tlshash":"5c25bde8678526e5bd4cddca5940b4ac007980370dfbd1cceb2af4e740b87b746a9d26","first_seen":"2026-04-13T13:34:34.611278Z","last_seen":"2026-06-24T22:07:01.114955Z","times_seen":2600,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/5669-ed334c2dbb466446.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.112Z","timestamp":1782305573112,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/5669-ed334c2dbb466446.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MG3DZh7qyTjmPVoVM6Lv7uUscH95gaA5TLPiTE6fIzUIgWQxlcFf5tDfujpMBfy8RFpEq3kgxD0gnKdyqQM4HRdykoQz5StVh7aGc9PKkBcJALlFz612HHhLqVXIINSlyyg%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 350609\r\ncf-ray: a10bdf47ff115696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1370944,"size_decoded":351365,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"edcd02e15f2012ec6437683a44554a41","sha1":"63a9be64badec0c0801046fef99feecbfd488cff","sha256":"e3595fda91d9d620bc150465632369c1124b0b7a387474cf81f04df6d534d3ab","sha512":"5869e9f6e59467227869d6b868b638882e2035c928efc7d4f21d43627243df6ce35e0bbb0a8f8eba23e8d5f39a3ba5b279656aab8fb3cf12652e5ccd1dd325bc","ssdeep":"12288:+3PyxSJSN87vIomx0wgH+vVUqmAStvp1H/llr9dhLR5EdNbE3aYAiLQDEmAx//pU:jNgvIh/VKa","tlshash":"c9250f5ccb9201bdae58adc1ca4770254fe282531fd789ed96bb7e214bb0adf4301e61","first_seen":"2026-04-13T13:34:34.672452Z","last_seen":"2026-06-24T22:07:01.149572Z","times_seen":2602,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/fonts/proxima_nova/ProximaNova-Bold.woff","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.166Z","timestamp":1782305573166,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/fonts/proxima_nova/ProximaNova-Bold.woff HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/global/fonts/proxima_nova/stylesheet.css\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: font/woff\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yr2M1guabx2VktOjwQe6mVx0FjIVahB2XY5flSlc0ylHeVnC%2BExQCybelwMnAXel9FOBBW7mqFlYPWBHrCXLWkSFOaUcZdRIqAHgqhIbX84L3pFlWpOcEfG0171V3GNIJN4%3D\"}]}\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a10bdf485f275696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52068,"size_decoded":52737,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 52068, version 2.3","md5":"e2cf3dc2f079bf3d5185a02552f153c4","sha1":"9e900ba7e0890a12a5697fc7ce86c058b145d215","sha256":"99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1","sha512":"1043f0d116fcda17bd933ff2594b7c79a1fd41259f28aa8283d90e1a56eb6b8830861f109f9eeb3b81d79408e8a6a3648d973ee8a42fb5c096b0f84138392935","ssdeep":"768:gUZ1BWLCju+iIoHoWcknJh+7x77rai9YTRPxnE6eWPeLJWPznTdpjXeE8vFmdn:fX6Cjuct8QxDai9YLE6eWGYfbX98vMd","tlshash":"2433f1a524350e2797b7f4fa349d0665cfc6024db42b55faa4cbca019a5bff8b530823","first_seen":"2023-04-07T12:58:50Z","last_seen":"2026-06-24T22:24:33.360729Z","times_seen":21116,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/5709-ea7a4340808316a5.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.087Z","timestamp":1782305573087,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/5709-ea7a4340808316a5.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L9ScLjzTmskTz1kz%2FILdzT3qbEMHtJ7GyF3VbLfL8brPsCdino80Wcn%2FrYkoLPjBpq0BjaaGz5%2FS7u7prQ2dnoGfH6RPnlD6%2FIGUKmdFaqiV3TUY5mmP%2F%2FqiWo6bx9ETYXM%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 364325\r\ncf-ray: a10bdf47cf075696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1454652,"size_decoded":365093,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65474), with no line terminators","md5":"da779d11d6dc46752ab334dd5393f2ea","sha1":"ae0c777835c44d6d6eba77e9eef5bc1e2bc03d28","sha256":"68132251e81ae3690f1423504f3f9e464e824d7d74b7b684c0a8091fcd422430","sha512":"7f8517459a8d44f0f37240a06be158dba4b2824e6ddedcbf055bbae67c5b5dec68e303db86b32e51edfb5a0fe8576e2f03b6882958bf5b820e847b43303bec8e","ssdeep":"6144:7nRjnRVLWQuV/er6qcEhJMQslkFN0bbLTx:TuY3ZslkFN0vLTx","tlshash":"8135388c67b5a3fcf505b7f8892b68757e6638fabb81c438c3e55d24e0500ac89658d3","first_seen":"2026-06-06T21:26:14.922608Z","last_seen":"2026-06-24T22:09:23.556642Z","times_seen":2317,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/4310-53eb2d994601d39d.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.132Z","timestamp":1782305573132,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/4310-53eb2d994601d39d.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qKkkD4vKvtMQWhWDv3cfsldNR4xhuqlxSUeDEQYpLdpRwuvW7D5UK%2B91xnNMCH0sRJTHtq%2BpWbLRZ3CJ97ovehR4JWvmeHMUD3Sqf2PraLjkJ8ms0eR17B7Ng2ReCHNbcwk%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 46835\r\ncf-ray: a10bdf481f185696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":241653,"size_decoded":47594,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (39028), with no line terminators","md5":"1cf0afc09bb69320084b8de536c82c15","sha1":"b366ac3a2df29aa97110376475fc08e2b310e168","sha256":"5f6628bec7be06e9879a734589c7ccc242657acecd391f739a86d88f2597b1ee","sha512":"cb32c35ceec0ed7c3b0cbb53eef1a7754053eb228fbc9c1aff2abc56eff7aeccbac081b3fa583f2ebf3ba836f3ea808e269b380636f9fb04b3c887f425900bc3","ssdeep":"3072:PSHoE3ssKaFRWxTDF0+uoWTr/9CPxZi2rbG/r0mJo46W6E9bVWqnEbvY:wb","tlshash":"b734370cd7bdf3f51eec389e36490c3bd5a9763093a5426688d0b7eb5485cf400aa79a","first_seen":"2026-04-13T13:34:34.704197Z","last_seen":"2026-06-24T22:07:01.119951Z","times_seen":2602,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/bg/preloader.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.251Z","timestamp":1782305573251,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/bg/preloader.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/_next/static/css/d4dbba7cd4889f6e.css\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o5x19kSdcP6BfuPWhbuFcD5HnagHEpgReMRGeR%2Bws7iKrjPtg7BBjWYmtsuswp0n1amaJQIUH0spba8mkW6Cu2c9Bf9NYHnhVZbThMxjmbe%2FaCLiMBQKdPBZ2ZcAVyw%2BI8Y%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 883\r\ncf-ray: a10bdf48df2c5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1652,"size_decoded":1622,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d4cf0d8e07d5ff0a22dde176b5e6926c","sha1":"bb3f41bbc80202459f3bd9a27054f855523f8ea7","sha256":"caa934ceb360955e8ef4eae0984d9ee475137fa2eee2b013586e25461bc1703d","sha512":"03fa93b18e1610abefaaeee02782234d164bd6de0d27aff61c5aa02e260d50e0b69233306e46bcabac18c6de2ce085a5859bd4ee71c2480acb0e4a719a3c5123","ssdeep":"","tlshash":"703122c04abc425cf604a6a9cf122875be1a64ce578564baf3ce9d06935805b8e0299b","first_seen":"2025-09-13T11:18:32.012309Z","last_seen":"2026-06-24T22:24:33.343432Z","times_seen":17884,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/bg/stat2.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.031Z","timestamp":1782305574031,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat2.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p72752EZk4RV7LJQ0zS%2Bv6DRwq0vNrZ4jibb6vAuHzcMCd0JJl3Yxs6fHi5TOo1raT1EhBZ%2BQ8UAce2g%2FuiD1MPkJYn9FGTonnUk1DZf1J%2FzFJU%2FTeEkBlbgbM2Wqp1fYDg%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 2008\r\ncf-ray: a10bdf4dbf6f5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4012,"size_decoded":2752,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5cbab71b6d96ad7f65cb930bb401ba68","sha1":"48996ecb2d0d7d9c1ecd4ccf994b9a24dd52ec6f","sha256":"a1c783e7030d327da610a9c36e0359b2e07573771468225ac6a6cd3c2d7bf12e","sha512":"5e70c60a35359b551d6009e1f63ebef5911c29a63d89ec24225f48c7f20d33982b1f0353cade31e7f541d3df5d534984b6c69379373d086a7e1c5adf536eb780","ssdeep":"","tlshash":"3881d5d82bf585e4a2869be3df01582c3d0790fa2ec54840f39c6e682f55c7dcd128ca","first_seen":"2025-09-28T21:41:24.398473Z","last_seen":"2026-06-24T22:53:55.006793Z","times_seen":7933,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/holiday/hat.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.008Z","timestamp":1782305574008,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/holiday/hat.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BBiSLNAXNItigANpGqRRubxqL6BOoZ0KoMvAoFUHKQVLAByrsMzhXK%2BgszV0lAo%2BWFxk%2FCl2%2F5nz7IPLQ6zjp%2FVQRbQN1r%2FJdAq6%2FgbDFD0RivFK1jrTHQGH7TylB6b1jQs%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 897\r\ncf-ray: a10bdf4d8f655696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2987,"size_decoded":1646,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ebf4ae376fe7b0c4da02abc9a0e648cf","sha1":"74f107d8c9add6f03d767e3c60b4b10d90f9b2aa","sha256":"67cdad7bd65668f2f0f392efb2933b7ee75902995fdefba25792859e4384b566","sha512":"b3fd5d449af21db89d091f46d6399f4e446889580de88f08413222d8f2b4a66c10eb09c0c3277126884f8c86fa0ba8310edb3269b400c85ef7afeb4c22a6278e","ssdeep":"","tlshash":"4c51f0f069fc608c65460738e6be88922f2d99fbb20445497d5d2ab0d717883f98fb94","first_seen":"2025-12-07T15:18:05.826288Z","last_seen":"2026-06-24T22:48:13.086674Z","times_seen":8260,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/holiday/top.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.010Z","timestamp":1782305574010,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/holiday/top.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a46dnQGOYm5z6Hk%2Foa6gjMct4iOEl%2FCl3GdV7uRl5QdXQpnW%2FKbJsd11bH6YwuNb5c5bS86lKwx0fiNP4PcbOrfuRcIb6D9gFSwAsyPZ0yaREHZJIjtIhyIoipSsr1%2FI4iI%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 48097\r\ncf-ray: a10bdf4d9f665696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109971,"size_decoded":48840,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"765e4b902462e81209a68203122c5462","sha1":"c8a22e10bde49777ae443e9f3a3b6bf474659b68","sha256":"0d81c69880f645eaa8ad5bc7f874fe5c302d163c6ddf8e2b2e5633c222949f88","sha512":"d34eb7f720beacdf9d545cc1219a56e2a26b05477d98d9ed188c116bc9319de2f49db046893a0ad1680ae6a9c81bf69190f5de47bc94fef0b5f99049f36a65df","ssdeep":"1536:TVcmxdYMDacj729Kbg1AsjwaT2ROc8n6GheoROmsrLc8h7CJaEukrWE/A:x/FDa42Kg17nZtgER+","tlshash":"47b3f9fd6b6185e0eecf8af1dd3649907f1b34fe2b52525482a4ee607833e58894cd90","first_seen":"2025-12-07T15:18:05.795582Z","last_seen":"2026-06-24T22:48:13.09025Z","times_seen":8267,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/direct-router.bundle.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.992Z","timestamp":1782305572992,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/direct-router.bundle.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ULOv4%2FNBuLT8vWiLKkg4d2gTpghusCdL5uwG%2FxEcb51Ujx3jZL8PruqMh0epAsGLMtjSJYx0chNWYzuBc2lEW33YGu2r12ytorXQuJQuN7ocQ5H3ibZbp7TfWc4QJBuuGJc%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 66433\r\ncf-ray: a10bdf473efe5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220065,"size_decoded":67192,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f589e6e05857a1cf881cfc2a05ef7e9a","sha1":"8d8a58344a1e44416eea1555fcd2f024cd664087","sha256":"6c15c81fe6c86f71b4504b7437ba52be08619e4d694cd27c7e9b601344ef109d","sha512":"7c02b9b887c6c34948f9da8aba844a3001090f0fd2b4bcc3bf0c09ca47d585c36badeb264a193e9ed021f11ffbcc016977e11ff772841433e714f643523f2d1a","ssdeep":"3072:vqSp7BygEFCXqLkT5vd5XnTWhNIhdmkIxWjlP3/1JqobepmMGWR042:vqSp7BZaiv/ukIxWjlP3/AmMGw6","tlshash":"6b241aa93a95f1226ab3027310df5803733d352b280d4d61a511ede9b4b845eb17bfaf","first_seen":"2026-06-24T12:06:23.502088Z","last_seen":"2026-06-24T20:46:08.213669Z","times_seen":318,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/7262-260eb856ec86ab3e.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.140Z","timestamp":1782305573140,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/7262-260eb856ec86ab3e.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J8NibrA2yWWvs0XztellLXuBEe4T%2BflR6dDHAgG4RNO0u%2BnvmzAY4%2BFaUg1rqK2BLSkFHPAjUAQ2ko2buYoOEvH1y4Yj4amUnUMKRejJH%2Bfqq1ZvVKYL4TBzyacpHceE3g8%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 21758\r\ncf-ray: a10bdf482f1b5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77603,"size_decoded":22521,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65502), with no line terminators","md5":"fc5c946ea01e852079c01158915eb9ea","sha1":"5133bd0de532b10449bb08521a92ca6a1887b7eb","sha256":"4a07fe3714db1466ba3968c1de34671f62ca3d5a3e9a01c12fecbdf73f2361d7","sha512":"18a65b639abe772a19c8332cf3709c4e0213353430e032b2cd550e739db2467dfd24ad1fcb4a4ea3675c81f34215a5ffc0ffb658dbf80ff70c2382171199b96a","ssdeep":"1536:nopcljgCIsBEzrJ8i7e85k7yRck5L8Nwxg98:nWuUCIsizui7e5mckJuwxu8","tlshash":"d3730a953180f5ed17e381aac42f644ee32f5c2ce51a766463e4c9ac725d8c8e137bac","first_seen":"2026-04-13T13:34:34.62862Z","last_seen":"2026-06-24T22:07:01.117041Z","times_seen":2602,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/1617-516db04f21137a6a.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.150Z","timestamp":1782305573150,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/1617-516db04f21137a6a.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mhQPuYgKOuwqCJ%2F6NPd8uTyYdfrqaToKsulhcNbskiE2KqOV4BBan2dhPXCBbUOhNskRPbbCSO9eCiauzIrtBmbyY7FZJe%2FTKx1YwxUXII4m5J0FG8AM4ca%2BHu0Wx%2BxII7A%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 134434\r\ncf-ray: a10bdf483f1f5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1310318,"size_decoded":135198,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"96e12518bcc4bdbbe9000be499bd4164","sha1":"964881c32476cfe71ce4b7dda2df1fedb01927b4","sha256":"0d72038e505589c03cb66f853434a70524bfd107ba42445b5c4d48966311f63c","sha512":"ec4f41f65b4670eb2cb554fdaf6d5eadebdc5de167bd035cb16860e500477f99377171083aa1041d61fbd08f9a0ad13840391ff21f67a39cf0e1a3d552b5baab","ssdeep":"12288:yzq3gKoizq3gKo1mTkcAA92TkVAA12TkVAAD2TkVAAF2TkVAAM2TkVAAm2TkVAAK:J","tlshash":"6125aa4c8b6602fdab546cc0ca0770998fd186636fd789fccabaad145bb16cf0311e56","first_seen":"2026-04-13T13:34:34.656645Z","last_seen":"2026-06-24T22:07:01.143111Z","times_seen":2602,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/countries/fr.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.104Z","timestamp":1782305574104,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/countries/fr.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HkAAjRTvwR1dVBazhOgC9WU%2BqTI0iFzdmevr0vTTm2x4YsZZ6PlsqRHoTiROH1aybyjs%2BB7zEMU%2FIZdFt1b5t12IrvlKi8MPGIP2RorXQVUZUSLBZI%2B9FNt5WDOmZ%2BLtKqM%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 1773\r\npriority: u=5,i\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bdf4e2f785696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":872,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c1a36c711f0ae0ab46c7dce06f63a723","sha1":"5cff6743ac6eed2912288bacd35c363a2d586d18","sha256":"861059eae96aea4c38466209edfad68fbd84ada37bae4ccac92d03011046a524","sha512":"e8d4869bd8d77613770a36de15c23dfade7a3bf3a465c4a6c79be55d9d6660874b5cbb60e631f04964840d3b4d736ceb25f31b30779e8d5ec64023f8e855cdeb","ssdeep":"","tlshash":"f0d02b9dd07de0c448138b703fde31c1418a6326364600dab047272861cc3ef7e40f04","first_seen":"2023-04-07T23:46:38Z","last_seen":"2026-06-24T22:53:55.052564Z","times_seen":9097,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3980-010af18f0f321f6b.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.090Z","timestamp":1782305573090,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/3980-010af18f0f321f6b.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hOk%2FDDaSToEDuyann6prHfdqXxZl1RrYv45oZPGH0XMwnD2GpgE4ek1aVbTna0kw4DL0LeT4xFZHbcH40h%2FRYo57nmLXqXi3S5fpCxpqMYZDl9VFsHJq6MxhpWwEku7uZOA%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 102910\r\ncf-ray: a10bdf47df095696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":514070,"size_decoded":103670,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65218), with no line terminators","md5":"0ebe2885d4d5b7870215ed1d746ae08f","sha1":"ececc6607c16410aa62783cea6de95557893c3ca","sha256":"68eea241c058d3a7c5cd5eb609397e4d833059221ade7f5154e9f68da97ef40f","sha512":"a14e01fe32f03659c957c6d5c9d01cc20c71308424cf842a7d178aa207358e270a9f531acc7d37e285a34fabd655ad88256cd82143dc1828eda771bc46bdbc91","ssdeep":"12288:9Fw3/38CUqBZw5AcYk0G2KVLCfEQ4HAIrBM6k18xyBByFt:uB7KFrR2BBU","tlshash":"3cb4c60ff3e4bbad26b57666be0f537ab31c2cb9d714e81496a9f0152344ca86135bc0","first_seen":"2026-04-13T13:34:34.626821Z","last_seen":"2026-06-24T22:07:01.154067Z","times_seen":2603,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3047-780ecd63e8341fd0.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.097Z","timestamp":1782305573097,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/3047-780ecd63e8341fd0.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ijI5RbXV22hpd8irLryXXP%2BL0iXbKNjCM%2F1cWj2s50N%2Bluai6QDSBq8eoBB2beRR68kiTa3YEFn%2FXh5dO6%2Fkqyf7O4HJd%2Fx48yXsjyVQh%2Fa2zSkf8UpG%2Fefpj64sFkt7tww%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 86480\r\ncf-ray: a10bdf47df0c5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":316805,"size_decoded":87251,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"1a45ff6317fa4327137123bb7bfa8d4b","sha1":"bc1ead1c1e57bc9d70d9ce61b6580fcff62dde6b","sha256":"52347ddc20c0cf9d1a0b8d9b4f7324defd9706465148f58c081f4c07848b1d65","sha512":"714d24afd1fc0a2eda39f7f9793701b61d9b29be01f251c4cbac43a76732bd29c0352d99eb68cb43e69e5670f847ea3e8b4ee9593188b64937437621993ec32b","ssdeep":"6144:fT+0+Qhv42Fh0idHSlq9p0jy79DMHyPCij6MIVs/e5rKYfxGAaXaifqUMjuTH8NT:rrfOR1","tlshash":"d3644ac871c1f4a8929361a6803f050bf23d2e2de45d9454e2a9c8d87979dcde237fb9","first_seen":"2026-05-13T18:10:45.788088Z","last_seen":"2026-06-24T22:07:01.101465Z","times_seen":2550,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/5917-79f62dfd025e2ed8.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.125Z","timestamp":1782305573125,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/5917-79f62dfd025e2ed8.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=snoH7W3dBbeBFbAAAn27xcMyN62ZJhzuLfH9sqNnf8okFWF6d1pBqKcf3IwpjF3p4wlETCIVYEjhBzConKfBtepugfUs5EKxxf%2BagQzhZqLesDtbyVDlQfRKs3yvfNWSaCI%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 93370\r\ncf-ray: a10bdf480f145696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1153840,"size_decoded":94127,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c9b727057e7bd1e3325cda7430d5e8a3","sha1":"7f253d66cf405fdef8f4cecc4defaeb56c4e9b5d","sha256":"9451e73254f0cab0fed2933236b1b82d476e768fe75b7e1b8be7a19c98c5fbb9","sha512":"a0a260b80f808e6674eb5fcf51d9d0bf1a304790be35430de9333892ac782769ffd84746ac14a9c44d5450ab5c200eff7de569450717af197cc278532d7a30ce","ssdeep":"12288:m9kU1wEKxHLIPrsjbDcvnTJmP0I8y/PEg3Ahkz1epv3BoKuW+xMQT1y5EVNy5EVp:mrwEQ9Oe","tlshash":"f5259b4987aa42ec6f9d6d80c607744a4fd69513aed789eccbf9be1013b0ade1311f42","first_seen":"2026-06-24T12:06:23.50767Z","last_seen":"2026-06-24T22:09:23.564369Z","times_seen":359,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9883-c825881b2c3b0fc9.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.138Z","timestamp":1782305573138,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/9883-c825881b2c3b0fc9.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YdV139mWZvckcDwoWTSBdBsU1EMwNDOQXdOAAfo%2BeZ2FfKkRRlrJf3eRqDyeYeYDFtMxKnCF4V9niHJAly3K%2FBCP2SJo9oqqDGWugStIPIkZeITV3irIZnRGeNjy41bggYA%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 102581\r\ncf-ray: a10bdf482f195696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":437773,"size_decoded":103341,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65172), with no line terminators","md5":"bcc8e6423662c12c5682af8dfa62a5a8","sha1":"b892e8086c047484a6e09910e1f5856e5f607bf2","sha256":"fae79308e4825e4d0f92e72cc85189405fb0c80569638bdc473eb7743bc4d4b3","sha512":"c48d27ef493b6d93cca9320dd5602a5de168d7deb5ea80dddde2daddf2b75293f15df2de435a834ad87802ad9497e8bd92c4763018a76ac0e6c897bd15689d90","ssdeep":"6144:TDWV4xt0J6T+WqV7OF8JpCXy/ABCf5iwEVQt3byQvUfV:Tr","tlshash":"6e94a829494416622b6323cd268bd80fd08af2658246c9b9f7964e7d21cfdc4e13bfdd","first_seen":"2026-04-13T13:34:34.692397Z","last_seen":"2026-06-24T22:07:01.116558Z","times_seen":2602,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/mix/landing_girl.jpg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.012Z","timestamp":1782305574012,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_girl.jpg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kAlxaLJLkC4hAkcaQUhC7TTE8%2BDPvmbUeiV9W0P4IA9ybe8AoBrPdCS7b0H7cfA8dpFVO6NFXAe%2FK97Lcyv4skb56zW3Wl1Jh8jhyFSLYKNP%2BpHIHjVg85uQ5Rr4r%2FLgtf0%3D\"}]}\r\ncontent-type: image/jpeg\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 75067\r\ncf-ray: a10bdf4d9f675696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78517,"size_decoded":75807,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1184x514, components 3","md5":"8d25c1c54ad4e4fda7a046718150d345","sha1":"040d0a141110b4931b44882a4a7f684c1d88ccc8","sha256":"396fd7d00555a14daf95d589cb71ca04832cb73a1f4d7526dfe1230cf289d24a","sha512":"55594743a12b9482a937157f0e70d6b72938d8ef197ba4592fb0be93af2aeb2c637a17bbf74a269a3074cf9dc5a95ffb86ba0b5580b0a7fbd353eb863369e0d8","ssdeep":"1536:5UoMN6p0PBEXSUrkj4srs72ZEsEsKuU/jfT7OxIlp:TMNw05cSUrUrAjvu2jQSp","tlshash":"2c730247ee4840f69c1d4cb47c961c6e7f602aad2d725a0d3b124ec52bc3b8aec7e456","first_seen":"2026-02-06T07:23:23.951452Z","last_seen":"2026-06-24T22:04:07.791802Z","times_seen":5541,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/holiday/bottom.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.018Z","timestamp":1782305574018,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/holiday/bottom.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lk2n2wa872QLJ6WbzLR7ioSuledb6jdIRrCXBOBzMeVIDzEbDoPee3MmfoxhCWIEIRkCA5LPzFjsmlmMkU1olwDnyiIaegCLAt%2FzffkUVy8cUSBEf91yeqHh7EqmKtfRApI%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 520\r\ncf-ray: a10bdf4d9f6a5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1628,"size_decoded":1255,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"165634688949125db4ac194fe8681813","sha1":"c8d8f84854dc11683adff1b17974b18a3077173a","sha256":"865ac8ef0db76c4a0224fc4a29905e93b9e1cf278b42f7c95c8e1d82312d5e42","sha512":"9a4001c1e30d41bda349a631e7e00d8cf2528532717f23c5f19db0ac56dbd771e779ba07390b0c8fbe0beb77b3996e45b9bbef7b770850f8db207beff1888a7c","ssdeep":"","tlshash":"f2316f5c60b6ed389984c14c8d1fe0f5361f2fea07d6975620844dadfb094ff29626d1","first_seen":"2025-12-07T15:18:05.832815Z","last_seen":"2026-06-24T22:48:13.069585Z","times_seen":8256,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/css/d4dbba7cd4889f6e.css","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.980Z","timestamp":1782305572980,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/css/d4dbba7cd4889f6e.css HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CGkBoPbuPX%2BjJ42KkAqx%2BYyreGR07ke8egEiywXLlx7%2FHM9AFKEBJs2B%2FXBmMwXKDD5UoZkRKTCBjKgQ8PMtwvefxtvtsIjrmpVXxpzzixk10CLuVa1RoQE%2BTYv773jQ6WQ%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 2409\r\ncf-ray: a10bdf472ef75696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8868,"size_decoded":3166,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (8868), with no line terminators","md5":"68eb5f61ed957f0983f60b442f427751","sha1":"16106de8065b5f5de07d98588cbced8e42490d2f","sha256":"87285d37d87af815bcc3e3f7ef033d46840703246cd461fb2f47728d73e05f02","sha512":"bf29e12876a49faaaaa3a4c479c3e92ad15d6c9744bc2597d9fc4ccab6e139c99caf7c0ac53ed1fa758d97d4f4f4544609c92091fabcb7bc54f242cedc59e73e","ssdeep":"192:4SJhREZKVQrejs42r9X/Xqgv6UA7HHvhvlM:4fKV44hlm","tlshash":"d702f73cb311a0b242474f0f94a3ef6b8d6fb05acf674a6691a4058cb7cd9d015e1dab","first_seen":"2026-04-13T13:34:34.649281Z","last_seen":"2026-06-24T22:07:01.114265Z","times_seen":2601,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/fonts/proxima_nova/stylesheet.css","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.037Z","timestamp":1782305573037,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/fonts/proxima_nova/stylesheet.css HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/_next/static/css/d4dbba7cd4889f6e.css\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AbeIkoyv%2FNwfY3cc3FI2u5%2FcKck90AOh1rIISPnoxNYF3Q1M2PaHETrDqOkEhWelCTzPhM2ORcpW5oaWJ7LPRAJZ7XZ0zq9JjFoYRGu5yAEzuM3iS%2BOBYOJEej86yo2b2PQ%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 1497\r\ncf-ray: a10bdf477f015696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16511,"size_decoded":2250,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d8931974e63a4dc65335827a00484a23","sha1":"3295703d542b291d258e703d3fb273aa4e71472c","sha256":"5748d69fa891b81b4890fc30b6c589852acd016cc7f8726e4ef93a497f0ee30c","sha512":"a5a858b0359a3571aa1337351eebcbed993af02fc1e9f54d7d87ce39e675d455c46fe9ef7291fbbb80d29d79dc71bf2404e40a902f5ee26fc0187e92b6625cbe","ssdeep":"192:xz6b6dlmqgqYGVNCGAcCh2H5vwCGmhRgSem0pBjqkCY9WTpnOPx/OSW9r0tZxjyL:paG7KUC4ZYCrz2muZHCfWctAH/uNB22","tlshash":"36723942cccdbc624aa6148077fe6ff60b4e28559079ad57ff3c38389d115adc68472a","first_seen":"2026-03-07T05:32:19.76436Z","last_seen":"2026-06-24T22:24:56.420865Z","times_seen":13217,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3121-84e2be85f77396fc.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.085Z","timestamp":1782305573085,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/3121-84e2be85f77396fc.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ubVcBaXOeLCqu%2B6tx7GqZ6LjpqMCMfqsbDGS0dm6DAjT2YbVFizZH4TKG22j8yHb6%2Bndxxs27Nxf%2FIsQOw1Hp%2BKqwzmID1x7YBbgYCTqQFqWKf9WnlxFL7%2BR6cQFVFBp6T8%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 56586\r\ncf-ray: a10bdf47cf065696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":224282,"size_decoded":57351,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65418), with no line terminators","md5":"6b869f389beaf6b6ee305c2aba742110","sha1":"616f5957c5c11da916d8ffedf458597b7612b071","sha256":"ff0cef3d5e2eb5fd8fc70bd3af62141c28494e8218ca265cf9a5e5928df7818c","sha512":"9ddf70d0dd79a02c44d6a335d5170723a18ae5b4981c674756d69075f92eec44f398da73f2145878630de71aafa77e6da60cdb26bd138667b448dee4d3b1582f","ssdeep":"6144:A+AiF7KKW6WUSoMtIn9Ghv37xQnp87m0Sw/KKSUSOYYMCI:lY9C","tlshash":"eb242b497290b2e817e762a9547b282ef22f7d3cd222691477d4c87c3349dc8913af9d","first_seen":"2026-05-16T23:25:48.532058Z","last_seen":"2026-06-24T22:07:01.153469Z","times_seen":2543,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3083-d0071871f85c1c39.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.128Z","timestamp":1782305573128,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/3083-d0071871f85c1c39.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bPeulaACCG2WzsUj2aNH5csZzkQYYDxqqBPdtF8aa8IMjQgwM6PjPhBzbz%2Bkk1KB9GggoaIJkz95eIPC6NzU30wffK9Wtg0itl55XX%2F1HATGyZR3zpbM1q%2FaTVcBLo34eWo%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 37112\r\ncf-ray: a10bdf481f165696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140858,"size_decoded":37873,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65178), with no line terminators","md5":"1e8736497d50701fd7e98b6af046968f","sha1":"dbfea11666fbb04bc71187a259b4318e935577c3","sha256":"f2bf0ce31e01e02feea9a6dba28d4318ce7e060806dc0c8e3a312b86a47bf163","sha512":"27ca329911a680c2a0654f53c3acb9846e41afbe86166bc73ee90c4f71aaea53c07bd3c3fe30a058e58154e9ab721f0238fcb7d087b6cae9a0313a6cabcd3aba","ssdeep":"1536:9wnbMGYAkPeRRJ0u4fU5g1+GoDJy+N0jPkV/KtXcUN3tadBZx4fH+dMxteMSVgvM:9wnbvvg1+lhN0wBDMxOig","tlshash":"84d3961600c827b52b677b25265acc0eb61bf23dc7429924b694c43b168edd461bffec","first_seen":"2026-04-13T13:34:34.639501Z","last_seen":"2026-06-24T22:07:01.125122Z","times_seen":2601,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3715-1862ad9008505962.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.142Z","timestamp":1782305573142,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/3715-1862ad9008505962.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tLYrRd0PBHoVzDu9r65%2FcbFhugYed%2F707%2FkzMTPD1%2FKv%2FhEUlh0IPgfAmrPP0kYRDELl%2BEkg1LVcW7UL2bmrwh1v5PtDGW7LgEwaWzdsdYzWoR94w42%2FliG%2Frlfq00atTr8%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 21211\r\ncf-ray: a10bdf482f1c5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81522,"size_decoded":21982,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65480), with no line terminators","md5":"2927eacb55a6224ec8cd6caca3db99c2","sha1":"a2bad0fd2d18b815ca48407464d6402918345813","sha256":"08f764ea42a0be91df8df5d26c417926f70a6721d2ec38264a3a28f13a98f974","sha512":"a5763ae91e2fbd84c6843f454a37179ae3083d4288200cd9570e88eaf655d5e1dfacbfaa5feecc671ab867d991612ca4464fcbea23a406e706e19799d9245a69","ssdeep":"1536:G8iMZeCMcsspNYlpAsz1jzsRr3KTArL7ml1C+Rmsqq99WsA:JiQensTQmYBLe","tlshash":"6683c764f1e0f6d4e1575399c92f460df12f2eacea25782cb3f5d818b7044d8622eba4","first_seen":"2026-05-16T23:25:48.524516Z","last_seen":"2026-06-24T22:07:01.123822Z","times_seen":2542,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/api/v2","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.634Z","timestamp":1782305573634,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://play.kuofax.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 165\r\nOrigin: https://play.kuofax.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TV3rkAO%2BnltT4XldfEdFOOtFobrV5V%2BX4Xo%2Ff%2F%2F9cRqVpJajZRfAuZ8JtLBPOtF%2FjH%2F0KGEttbGm%2BvPkM3sN4mFz%2BgGn%2F2rGE8dKCh9w1zLGEIDASVmCn7MD4FzNqObxKd8%3D\"}]}\r\ncf-ray: a10bdf4b3f465696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":141,"size_decoded":782,"mime_type":"application/json","magic":"JSON text data","md5":"2494237c807d5868f15df3979dd5acaf","sha1":"f50c744cad1e3946093c6b8d95116dc064000289","sha256":"3e52bc3d441b2d727ee85caf8f9c510954e095717ec9ab2830d7d082951c09a1","sha512":"7fd91127c19873586ec0fb924a44c52b46aa51d3abe22079dc7ab8e7458facf9d80e5e980616b222f85badb01933212bbfacd962402eaf58d65b82b643b3b3fa","ssdeep":"","tlshash":"41c02b3074d0b710f5dc02d819e33d836c8f29de36c00d18578b93c049d950502d4c38","first_seen":"2026-06-24T12:53:43.370418Z","last_seen":"2026-06-24T12:53:43.370418Z","times_seen":1,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/bg/landing_block1.webp","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.028Z","timestamp":1782305574028,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/bg/landing_block1.webp HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/_next/static/css/10dffa892f034c33.css\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qc%2FbUwKgfV%2FPPZfLfD0gZ1MMiv%2BTFABb63bpuffJftdoCrP4qgJSN6a7JuSCeUp72q171GgN712SNpPmdfZ%2BXRiWiERNlIpv32SEnTUXzgSvwRRF8PBd%2Bk8AjOjl0ghCw2A%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 143257\r\ncf-ray: a10bdf4dbf6c5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143252,"size_decoded":144000,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1692x502, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8201728c6e2cf2db0d1c3c296e9ec4f8","sha1":"1c5b38584ae934775d0ec23c9b0ebfa494bbb8e7","sha256":"308e698488e68037d3a4648279c289467061190da02ace13bddcff1f7dfb24a0","sha512":"76993a0e63c176ce55b170cfbff41c65712a660f800904f7ee54e504e66df07343bbfe33d810cefab3d7e959046e5bcc49685c1d82259c5cbe0d30902ad16923","ssdeep":"3072:jvdXxTC52KjJbmSFgMLRAQPodctih7E4opiSOVmDjXvzV:jVVC5/mAtLRoctiREXpUUDj/zV","tlshash":"3fe313be76b10ae8a8801cdf021e48b97f355f1355ee01c67b27a68f05a3519b5cdf0a","first_seen":"2026-02-06T07:23:24.023009Z","last_seen":"2026-06-24T22:04:07.7697Z","times_seen":5527,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/greenColorDSGN/bg/stat1.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.030Z","timestamp":1782305574030,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat1.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KlMQt3Se9INj3hU3F%2Byja71UOUM5q0FJ%2B%2BnGl%2F9VUDFuWJjScBQ1hEvUJCJjbwBbyoXcYlPq93jdM9TGv5XQy4OlGjENQWU2QDeuFlNFgK%2Fr00JBJK%2BM2ncApWuDzYijrm8%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1773\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 1822\r\ncf-ray: a10bdf4dbf6e5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3636,"size_decoded":2568,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a62014bb87def86bc408bac073b0cece","sha1":"24ce6cf0ee0ebe7956bc76e9bd16151ec3da5244","sha256":"69a3b7fd361a9307dd99ab7a8c12c3178f4ee11e5573a2c0f78fd014e04f4b64","sha512":"ee7ff1a7a9cf304d61ac90e25998182241854e3de44df25fd9541b3caddb222d206a4d3fa250e4d4d64ab42d595f79a0e24fc21ec4fb753f0b7ca2d64eb73282","ssdeep":"","tlshash":"d771e6cd2be812f0ec85b7f6df06642cb80e14b2598848b8f21d1f557b04ce98a4ac92","first_seen":"2025-09-28T21:41:24.045294Z","last_seen":"2026-06-24T22:53:55.037121Z","times_seen":7932,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/2366-925fc85d237b17af.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.082Z","timestamp":1782305573082,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/2366-925fc85d237b17af.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oEyMA%2F3TSeQmqu7toZblQOMmR8qKo4BxLdFXWaaStDRM%2F6DwAE5Gx%2ByS5ynyTlGgc26na%2BDiXhAkttlA%2FRIsYOTxoooEKirGo%2FVPROcX%2FpqNSxK7vEYcFMhtf1LJdGS5a6Y%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 1774\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bdf47cf045696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":467,"size_decoded":1023,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (467), with no line terminators","md5":"f7911660cff2a47fdbc9415ace2e3188","sha1":"3ab908a0337f5ba043a079b563d3c584521ece41","sha256":"4a2741bde36436647e2ae672eb2ef1262c83541e3d13784b48cb37b165bddd8d","sha512":"e21a40e23085dd405ca6c8473453fabc4c7df8999a472fad7a94a4f26856b2d5ebbfcae375412db956a96f92cf7f630b5804e5090ac19f22eb4b7a1022c96b3b","ssdeep":"","tlshash":"54f09e9920057c387abb4c02096e8c2a287c3572be091581e707c5a0009faf85170e9a","first_seen":"2026-04-13T13:34:34.684954Z","last_seen":"2026-06-24T22:07:01.111503Z","times_seen":2603,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/249-0939437a59f2504a.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.092Z","timestamp":1782305573092,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/249-0939437a59f2504a.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z%2BiuB7s9toPzn8dCQSj0JHJjMR4lTNHKvAiPQ%2FJ2xjkG7OWnUfpi2TsooFvEv7Qayl2PWJNd348qB3e86rInqOwUIgAoX6M6O6HnhsmoiXdziYcn98VtxxLVrvsvfyYCSPw%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 61624\r\ncf-ray: a10bdf47df0b5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281586,"size_decoded":62383,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47782), with no line terminators","md5":"c3f51dd99a0be861049ebd4632a3542e","sha1":"3d08751beaf09ce31d44722d42da0650b0fc914c","sha256":"10976f7c91d6bbc5f35b9cd987501ad59a99b2a162a74b0ecbc9341afd0322d4","sha512":"4d67fb8e55edf461b142a253a2a20b675c1e9bf2c65ccee6af44d85dcf05b0467b1ce35a7f96a0f8cacf5c0e5c22ff530754f8286ea07eb6d339d72dae198c76","ssdeep":"3072:BF4UMvqBX6EG8q4H7GRxe8JTDUkan3busQd1yKlvRnTT/vD3Y46m+OEL4uFAQNgu:34UMCBX6tdDHV5kD3QPRuN","tlshash":"3d54fb0cf7fdf3b919ec389a364d0c3bd9a83a35d3b5625249d0f3ea9444cb4016a6a1","first_seen":"2026-05-13T18:10:45.999462Z","last_seen":"2026-06-24T22:07:01.11554Z","times_seen":2550,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/5358-6b6066a7c5be067e.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.102Z","timestamp":1782305573102,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/5358-6b6066a7c5be067e.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kyn0N3QxPaQrhXwO1cRpF7TNiAsB8A9rHZsHq%2FASdehdW5yULHP2swkZ5hB1xD3NtIGqjz3wWgJWVFPk0%2BwXrXPOFi7IGlbbfziXhQSHtbj5Gl6ba3y%2FS4rofQcZ00zKX%2FQ%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 229811\r\ncf-ray: a10bdf47ef0d5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962608,"size_decoded":230575,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65416), with no line terminators","md5":"9156598b1de03a5170a70624dfc8177b","sha1":"b3492044b8717c0f42193be8f4e8f28a82e1350a","sha256":"a766f5b00eece4fff39e14883d3fd3b1d296272714633a36d9fceb8216d72c68","sha512":"766eb2ab0245999d24dcaa587fafe34ee2312c4d10e89f6f13f8cc4269bd1af69ad6e7332d59a1b2c509a2646875092e7403a98036288c030cbcd41ec7290a61","ssdeep":"12288:xHJlmOl48cdPyBOpIwGAWA7k3ghrhanjqv:JmOl480yBOpJBhrhan2v","tlshash":"7225190ea7d473b41bda3149364e4d3fe25cb638c352d016a5d6ea7d228cce4613bb98","first_seen":"2026-06-19T17:10:47.222323Z","last_seen":"2026-06-24T22:09:23.541492Z","times_seen":1122,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9689-39df663debcc7932.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.117Z","timestamp":1782305573117,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/9689-39df663debcc7932.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9eIKvzEJQOFfKtwIz4tiT87A3mjnTqy5cc19j6L6l%2FAskf6qJQn55GiZmckb6%2BfGK2bHmDOgP20pqtvU84Q2xZyuUEeFppGLqRyG4B2UOFsvorQqS7%2FBtikDfKl1BqQ7w%2Fc%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 899191\r\ncf-ray: a10bdf480f135696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1462413,"size_decoded":899955,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9db46b5d4b739ec66f2a1c0b604e8f70","sha1":"c1b081fba22e6c0500021767d5a384f5464506f3","sha256":"43946234d264f14d2be22b5bed48cebf1c0283592db43db6fc888a07fd429a6e","sha512":"86e1f7a2294ad4475369395bd9e42aabac53d2a7defead470c705bfe7236d9507636842e05bd60063e952cbd2c29ff4b307afe96d76bd9e7a28c5de84e141513","ssdeep":"24576:7tPaAKapUMi69Q86f4lJay+AdFYR/QNnBKM7x5AKGE51:u7KwNhQx6I1","tlshash":"7b250135da2552fda728a4c2d58b34198ee685073fc589fcc9b6bc464fb2ace4701f90","first_seen":"2026-04-13T13:34:34.637603Z","last_seen":"2026-06-24T22:07:01.151455Z","times_seen":2601,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/api/v2","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.630Z","timestamp":1782305573630,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://play.kuofax.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 157\r\nOrigin: https://play.kuofax.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7HGnamkhNpNdzBPq19XU6oi3pCAfjOzXalGqC30Ykmgxy%2Bh1g0VO%2B6%2FPMaYkxnnYOFie7iCUrtd9eS2J%2FYPP3HSoadGh1EnT87Qfb1CV11z1V1%2FaFFfWV1%2BeAm7DgFByeAQ%3D\"}]}\r\ncf-ray: a10bdf4b3f445696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":181,"size_decoded":808,"mime_type":"application/json","magic":"JSON text data","md5":"722793cef61326f05ea5609e089b1ffe","sha1":"8cea2b154822828b3404beec16c8012f9eeaca27","sha256":"61c5ebecf07eb0ce69a6807ccfc927075d75116f7760aaecb84b74e2d08d2d5a","sha512":"3f454d01f7e991f5eccbf19b0106ecf87dc5a8ff5a8ebb2d5cf58486287a542d6c20c19e2a47e00e168c4442e9ce9f7f5c74450e1ba254729282679f6aaccdde","ssdeep":"","tlshash":"a6c0c0cc0b00c027808952ba100c0b40c83eebc7c9fc045a0729c6f10a36a2ffbe6cc0","first_seen":"2026-06-24T12:53:43.375342Z","last_seen":"2026-06-24T12:53:43.375342Z","times_seen":1,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/countries/de.svg","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:54.102Z","timestamp":1782305574102,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/countries/de.svg HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zfSeBGJpspUThFhwNnz65E221SkruYkkgQLTxP64LIMnbY1xQbvoD53GREkN3xBb6z8o%2FAdrwh684bdgEwdPpDZFOB2nSkkLEwyQ6%2Ba4AOPJa3ZBlEwyP%2B1VElMvW7sgrOA%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:52:54 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 1773\r\npriority: u=5,i\r\nlast-modified: Wed, 24 Jun 2026 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bdf4e2f775696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":271,"size_decoded":869,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"939afd91bea7074f84f4a328ca095295","sha1":"1a8edb7520cb812fd35996134ae823fe8ade03d9","sha256":"8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a","sha512":"a3922e78b9ac5209cabea2c0945d474d24035a4e78297b3105779cea945b931ae83a59ffbf73e2877f2da42e0ff7fb5f23c297c1d7f7d09da3644ed63d82ef6c","ssdeep":"","tlshash":"c7d02bd8506ae8c04d16c7603e6c32c1288a6259238800dff0835338a6cb7ceb745f50","first_seen":"2023-07-03T07:07:12Z","last_seen":"2026-06-24T22:53:55.038563Z","times_seen":9089,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3585-1a2341a418cc0f3b.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.088Z","timestamp":1782305573088,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/3585-1a2341a418cc0f3b.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=csCcbAUCgz17s9zvEwwOESW%2BM9d15LFIe%2Bn26XU2xv6u7q7zQqBE0CNc5aynaKesBnRkKqMAjYXM00RS5Eg6TFJYOkGLfdSK6vSj6TPoGePFOdmxUABbh5JrNdsKWI%2Bqi08%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 111886\r\ncf-ray: a10bdf47df085696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":376596,"size_decoded":112648,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d66e895831146a3fcda6c0de48e66fbb","sha1":"ed6c9b6bc6805e7a74c90c2f70040a22a7c0f9e3","sha256":"ea60fb56fced9d92b0247021093d020a5438a67c1084d715a587c598278a804a","sha512":"6204b75617d69a9c649c089283b8fff6285c43d78b07045799a230225ffec878299a45b73c0b05a85a83ca19874e7de30333065e46c981d3720790649ce965c2","ssdeep":"6144:f9gGcm/FTmn65dg2/s70cs6eWBsY6EHNfm5Dlf3+FFS:XhWwKNI","tlshash":"3b845b98725060e8a28762b9552f154db33f2578e02ccd14e39ac87c7295ccce63bfda","first_seen":"2026-05-16T23:25:48.549118Z","last_seen":"2026-06-24T22:07:01.097978Z","times_seen":2543,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9564-0cf3b4f099c86954.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.153Z","timestamp":1782305573153,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/9564-0cf3b4f099c86954.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gjanpPHocoCMBAclNOx9Z%2BwGNtjCc7jOT3TqwBZpKKmEOLXuD%2BLHtpmftgDZx%2BC0HcoP89ApBP9GYUV3aBEzu7hjIlyRzfOYe8evLdRxHx6jtHwxWHDbUElHZPHl8JVRRRQ%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 18103\r\ncf-ray: a10bdf483f215696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61557,"size_decoded":18864,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57043), with no line terminators","md5":"f1133f31f38a7764ffc9bd1b3df097e8","sha1":"d5d2b6cf4dec8e50720d6754d015bc4736f6c72e","sha256":"5aec2933ae085f9a1203fac9a6a05a2dbbb5a4e92ceb66b1124084dae588afbc","sha512":"abfc85e1473134449c3ebe247ad09931b39c01a2b43e65ed5f863b30b2d791ee25b24d9335cb778771683c3ba87d996ddbabd6668d089e932c3e8d57d92cac20","ssdeep":"1536:sAvhk/n1ED3wnpzktrXFlnEA8aqLE4++E/NL7:sAv6/n1cIzk9FlnBCLE4++E/N3","tlshash":"9d531c8cf3d4f2a927e670ba283f1c3bd12e7a34971990645794e6b42549c885233bf9","first_seen":"2026-04-25T11:58:25.658808Z","last_seen":"2026-06-24T22:07:01.121243Z","times_seen":2589,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/global/twq.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:52.991Z","timestamp":1782305572991,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /global/twq.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z0510ixnSAUxPdu%2F1PPFwDEXdC4kR2QETHDotnc39jUnChML%2FnYUOYhf2FSVQEHVBVSNVY6g%2FGSmE%2Bj5w0Yst5nC1sHHnTGwU11vr4%2BCM5TUx8gl5eeI8AsCmjvGo3hz7zA%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 1774\r\npriority: u=1,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bdf473efd5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308,"size_decoded":939,"mime_type":"text/javascript; charset=utf-8","magic":"CSV ASCII text","md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-24T22:23:06.038875Z","times_seen":22275,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/8824-ddffb509a90576a1.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.115Z","timestamp":1782305573115,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/8824-ddffb509a90576a1.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r1mXGV4kBepetOpCDBwCcl%2B8c525wPYJ6fYJ5Ew6M7t8%2Fh1hoW3Tvxzuswx3VPogbdwft3y6BiRyBip1uSFi%2FQz%2BjMO5bQJcoOWrXomMOrn4sHKJmSZrZ4%2FBLuZ4cy2PNK4%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 205429\r\ncf-ray: a10bdf480f125696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":492118,"size_decoded":206195,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"88138b1397ee14b04ead267aa44c4196","sha1":"760b927bacdf81d73a0f2084bfb3ce7a76478e63","sha256":"a2d07d31470b51490786beb8167c7fafeae5a0236cb44537c4dc8857b3c448ce","sha512":"9841fadaed80aabc013a0fdccff0b1356d14a06a2952bfc883dabd299aa5fd9a4369b504e8ac7d28f47c27573be3bb4b94b08d389d3836697c2334185931304e","ssdeep":"12288:3fB+XoxJuhu/v7uV3rIPE8zGglvb9hsm8sMQMNIYsUKwJAsTF4Xylyz+hYsUUIJM:vGgthhsnR0yF4XylryF4Xyl+","tlshash":"94a4be69da7112fdef516ac0ca177015dfe6a6936fc789e8caf6ac040bb05ce4301e91","first_seen":"2026-04-13T13:34:34.606306Z","last_seen":"2026-06-24T22:07:01.116022Z","times_seen":2603,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/4212-38fe49b6236c7c6b.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.154Z","timestamp":1782305573154,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/4212-38fe49b6236c7c6b.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Du2eLKIEa4ESlE1UzdIkuaF%2BqhrfL95oGTjsJ9oUN4VHdEkAcP%2BZBmUDaN2%2FOGG5pHWRNwq0yoR%2BeADedo0qUQ6eLF%2FGa0vn%2F3ZUW4%2B2ImHAZxhU46lEVCzdgl2K0wpk3ac%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 29928\r\ncf-ray: a10bdf483f235696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114414,"size_decoded":30697,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65440), with no line terminators","md5":"e1ee028598eb24e7427f83baa42198b2","sha1":"29ecf0ab8deb78392a4121a31e2fb63c764ce99e","sha256":"108693690d6f21f1942f276dc1e12eef8524ccb9678e1faeda902063ab3b2f0b","sha512":"71bd29cc66d0adb5ad11cba3d95baa883771712afef080e8b1f7a9c107dd9beb2404a2c43dd616aaf717ba69cfd4786e0c801ff3d88b6d201b8156124535fbd3","ssdeep":"3072:IxvuXFqhT8pi01EOUIMdda2zZ9GFOTASOeBTny//G:qvmFqh7MEOUVL1TASOeBT8e","tlshash":"ccb33b9972d0fd9d3bf3946a8c1fa40ee2795c2ed42d710462d9c83c72599c8e136bb4","first_seen":"2026-04-13T13:34:34.631899Z","last_seen":"2026-06-24T22:07:01.107454Z","times_seen":2602,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T12:52:52.560Z","timestamp":1782305572560,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 24 Jun 2026 12:52:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nset-cookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY; Domain=.kuofax.com; HttpOnly; Max-Age=2592000; Path=/; SameSite=lax\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2dyvtg4ZRz7dE5mObcM%2FJ2NpaG1jD%2BawEI7tpriDkqSXVqxr3qXrjLkf%2Ffa5c%2FJAH1vT51Ay9Qp04oYabCNf2Fu%2BRu%2Ft2B16DvwiL65DoQ2LU4hyPk85Gtw9Xl5%2BWdiKOQo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bdf44aaaadfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7151,"size_decoded":3316,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2283)","md5":"3d31c22668b852e3630e8825276d681e","sha1":"fe20c62803b69831023487755713076914997b0a","sha256":"83f8480f7ee4e8a1add1ad8fc664e78e075d494eb5e2453e11c8223c6a5a9ee7","sha512":"bc34437d17531dab30409c22887f73896b873efb6239cc46437d7376f63553311c6c69a0db4a13201769bc8a8ed3ade1912d86f8bf745f8dae27ecb8dd5eed61","ssdeep":"192:EUB4BfBcq1EUTHAqRU87ig7FefSpGB913MCqO:EsgZjHAcpFU","tlshash":"cce185b36d149a2e07a39b9928ef224ea277e1078878ddc5a744542e42c57e88473f87","first_seen":"2026-06-24T12:24:23.385835Z","last_seen":"2026-06-24T12:53:43.339157Z","times_seen":2,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":4,"connect":1,"send":0,"wait":176,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/9338-742398fd846a71c9.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.131Z","timestamp":1782305573131,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/9338-742398fd846a71c9.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KAgJX6K3s8UuiaxMI%2Fi5t8x2MYZaP0Xc7VQHozNKoclqBF7AKPrFGxWYM8eQs3Qi%2F5ACE0nNtQSxrWZ39vkH781N35DqFPEyyAHyIMU0brBbAch1JsvQyBVyj5%2BohGQEtgc%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 253412\r\ncf-ray: a10bdf481f175696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1139216,"size_decoded":254174,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65360), with no line terminators","md5":"2b7b624a172740e15cab5bd742b040bb","sha1":"da4b4cacd38c8411c2757bab503b1e94d1387a7b","sha256":"cb81d12e10e97c97c29822437065aa8d5f2d0f71bed71df7e3b7d0125748046a","sha512":"8bf9e5dd6e8f41fc826a2788a73af7606876d14264892701adfc106ded698bc0b49037f06f9be77334cc5b34d939e305d98a4768e334e49b59966afeba39efe9","ssdeep":"6144:L+pzOk0ScZvzdjztsaAsU3Z2apIqOl4q58oLDmWNiWRSMGiLAlsrJYtkAgScxmPQ:ypzOZxRLLD3iWRSM9LAlsr1TxmBY3g6","tlshash":"ca25a456008827922bb37695269bdc0fa41ef12cc743c465b692c57e26cddc8a27bfdc","first_seen":"2026-04-13T13:34:34.662133Z","last_seen":"2026-06-24T22:09:23.50549Z","times_seen":2572,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/7185-909ee90aaf995ae0.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.156Z","timestamp":1782305573156,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/7185-909ee90aaf995ae0.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IZSLqpbg3jM%2Fbclod4Z%2FUEvOFkKS%2B25pXrpvpY%2BqUMXjsmCirhJnsF3OJAGqvoDWNBkHxId0bxnIxjg7JOUwosrmEwtOjS5Q7Nl6nWZ7BvKpPEV4tMmI%2BvUEEoeNw%2BHZh%2FQ%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 192527\r\ncf-ray: a10bdf484f255696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":714479,"size_decoded":193297,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65514), with no line terminators","md5":"26b6258ebec6e188d9877da6968778fc","sha1":"3d94231dfd3a34c321124245d5ad972da0fe9795","sha256":"2b06c7704958dd4fb2a69b09685d6a996f4a0c2bdd4309eb893d60c48da37cb0","sha512":"9d46d4329830556f9532582784a66e129e43f1359d233bade23964a2469ec8e40cd3e835da087119b39e8d02d5695d8b29050e60444564311394a0194670c280","ssdeep":"6144:QM59C1szfrCWDw32B9SKUVG1DmeSafWTnp2iYEGeuD+ji8ktmHUVYL83uS2a46Gn:mO7w3qEKUVG1DmtafWTp2iPxKUN","tlshash":"12e45d1d72c072ac17c363659a2b581ef36e596de125a804e3dac93c325ddccf13aba4","first_seen":"2026-06-24T12:24:23.428269Z","last_seen":"2026-06-24T12:53:43.3805Z","times_seen":2,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.kuofax.com/_next/static/chunks/3275-bbdcc2e176783c7f.js","fqdn":"play.kuofax.com","domain":"kuofax.com","tld":"com"},"ip":{"addr":"172.67.166.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://play.kuofax.com/","date":"2026-06-24T12:52:53.158Z","timestamp":1782305573158,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuofax.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 00:16:44 GMT","end":"Sun, 06 Sep 2026 01:15:31 GMT"},"fingerprint":{"sha1":"F6:EE:5A:F1:C4:46:22:DA:D6:F1:04:EA:30:DA:55:D2:F1:07:44:2D","sha256":"A5:DD:6B:51:C0:C4:E6:43:C6:2B:9C:28:2B:9C:6E:E9:A9:DB:24:5C:83:92:02:25:54:C3:B4:52:E0:F8:64:79"}}},"request":{"raw":"GET /_next/static/chunks/3275-bbdcc2e176783c7f.js HTTP/1.1\r\nHost: play.kuofax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://play.kuofax.com/\r\nCookie: landing_attr=AVWtvfDNncg2mk4OUdDTDVBOkpe8p7enMlwflTPbzR1GBX680hCt2i0KpnR8NN6piE2AyaHip1kCQKF0q2eQMHKlj0plAuQFC9k9swY1R1kKcq2Yqztlqq5Oz0-W2FIfeYOiqzyGm53Gwhi6n29TdsVDbOtesmDK9klKznz0-hTDG5TunyZ815WMN8wCSV5i70TrJy_7NJ5OABw0avwT_-gwX5LstfwMRl3tM0sVWNF9FPY\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ou3zTh%2FF%2FXeFswXHeQJ5MorP%2ByeyXkRWEiL%2BO56vItfQoYt1%2FfnbLoXH9%2BZi8uQd7TURNMgRGvMeo6Pe6IoEVncuJwymGT77P%2FVOgYvpL4I%2FJe3RssduhKnAZSKFk74Z6w8%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:52:53 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 1774\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:23:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 2070\r\ncf-ray: a10bdf484f265696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6161,"size_decoded":2840,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6161), with no line terminators","md5":"29fc6e35b3ecf993dba69228545f4d1e","sha1":"6d3d45d5d6e89c4c0c4be382359946c7f0c64529","sha256":"23fb767865b4ce96a897782c29d5a975a49d03eaf182146c61cf437eb690eb62","sha512":"17baad66b6b4cb23da59cdd3a0d01eccca6dcc23a46c7dfd990ebe03b91eda2b8749261247e731ec40440fe1380174321def6faff0fd888fa18663fff48e7a1d","ssdeep":"96:B6MlXsyMUxCCPs1VAbAvHbhPfjBItMbk6wd3E6l7b+5UYwhP7gb:/XDZ8CPuCsH9PFItQAU07wU7P7gb","tlshash":"ffd19961f091ebe4f8b708e8952fc40e726b2644d61948e1f5bbb8701b101f87b27f89","first_seen":"2026-04-13T13:34:34.666569Z","last_seen":"2026-06-24T22:07:01.100056Z","times_seen":2600,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"play.kuofax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"play.kuofax.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}