{"report_id":"62ac0615-9820-4d03-8b53-13ee17537d94","version":6,"status":"done","tags":[],"date":"2026-01-08T00:33:22Z","url":{"schema":"http","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"title":"kucoinkh.com/","dom":{"size":57272,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (54925)","md5":"35dcc82de49398feca87666cc1e65104","sha1":"4c4379826ce6dfea2fbe2d98eee38690dbaff10e","sha256":"ea01c58e918df4d836885ff653d259002762ceb9fdf23b3e37cec567c05f8381","sha512":"93f0d8724ff693c5e94030f6b49c53df398acb28e5eb2a7b64e7d6a85ddef0b5143206162345186761e3f8273d9639e1c9ab60d451243fc95cc73de3a166732e","ssdeep":"768:tK5idOW8j9qnSXXgwCDyIWmWbn9amWbnf2g8Wbnm5/Wbnm3WbnusWbn7AakMWbnp:tKXV6SULD2gx++JCBIakhemo0ZT","tlshash":"854341b04058167b035f4ee4a076979a7ad3c68ccc5ba04857bed3e24febda19c6c187","dom_hash":"domhash816e69bdc1fb3f9bc1e7083e5cd3d00d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-12T00:33:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"kucoinkh.com","ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"2025-09-18","domain_rank":0,"first_seen":"2025-09-22T09:59:59.608426Z","last_seen":"2025-09-22T09:59:59.608426Z","alert_count":239,"request_count":48,"received_data":1657882,"sent_data":20864,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.coinacb.com","ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"2025-01-26","domain_rank":0,"first_seen":"2025-03-16T17:32:20.252575Z","last_seen":"2025-12-21T19:38:13.734459Z","alert_count":0,"request_count":1,"received_data":1033,"sent_data":473,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"chat.hqcq668.com","ip":{"addr":"154.86.0.20","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-10-01","domain_rank":0,"first_seen":"2025-10-05T03:26:38.221494Z","last_seen":"2026-01-07T18:45:07.571314Z","alert_count":0,"request_count":1,"received_data":305,"sent_data":552,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"57ba3e001432b356b49631c653c30383","sha1":"71398a3b0749853d0247ec426d182d4156a5937b","sha256":"f26a17e4cde6d415afd4a70d06c50ac976947700499988e31889190680cdea4f","sha512":"9daf0fcb42f8eb7c7aa102f90ce1dc28ea9557ef4d4a6f1ccf1c78ef054633999858f5c3b6b67cdf8ed9bf8513a21d2f8ad9bb820535b4831068de8cf3899fad","ssdeep":"","tlshash":"b0c08cc4b0c62e102606a91814af24e49034402770481b128cd4dc483e220b0823be98","size":142,"data":"","first_seen":"2025-02-17T15:24:03.216051Z","last_seen":"2026-04-01T18:41:43.015181Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-VX85pUk-.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"123899d481691d70593e2c07f7370d93","sha1":"d7e531531bf35c9963c05bbd8bc461afa3542da3","sha256":"984cb3068f8d5710fa588e9ba234ec3c4c0f32d7c5a0a8cdd9a7b0113f1be8ac","sha512":"5d6a25758e9e0a47e45eabf7b41dd2ada05fd2f541d811184b111c6b6ca4a72e3fbdb0cf52e395f7261317c019dc42ec01d0e848179d1a78651c1c4b0ffb38b6","ssdeep":"","tlshash":"3e61a69c78f0b53656aa96c4144b8fd0ba0727cfe034c2d1f1aa7c6523a89f5802c79f","size":3341,"data":"","first_seen":"2025-10-05T03:26:45.249657Z","last_seen":"2026-03-01T23:53:25.637093Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5a7861615b0953f5924edbdf07264fc3","sha1":"91c2cb6bb36a16afcad16608f1d231ad837c00ad","sha256":"ca058538f3f7eeee17bf7579fab3da464f47c7049c3cbac0ef0300727e726681","sha512":"aff5d13cd895faeb804050ce25b4313bdaab73897f9ed8ddb7c72e1614af61bb39f240fbc02dfaed281389cf1e0b03b911f07edf1a2e121547c7289c4400d885","ssdeep":"","tlshash":"a7c08cc4a0c22e002602651010bf34e490244026704c1b228dd4d8482e230b08233e98","size":139,"data":"","first_seen":"2025-02-17T15:24:03.190757Z","last_seen":"2026-04-01T18:41:43.038309Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"909e35ce121b5d7253565586b3df9305","sha1":"37caa9bdea469f9cd7acbdf777e409cebc1bc485","sha256":"c1ea724ba946b7d575951e93c17e8450f521cb54eebf1b2ead4cf39048add883","sha512":"7724fd61837afc55dc70cdd5ef8affd38a6ade288f6d4ee2707d212d9a867c78284f152f58137fb656d9c8aaa1338edcfeed203e84ff74687a170570ceddbb90","ssdeep":"","tlshash":"92c08cc4b0c63d102602641124af24e4a028402770482b02cee4d8893e635b89233e9c","size":147,"data":"","first_seen":"2023-12-04T02:29:51Z","last_seen":"2026-04-01T18:41:43.040984Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"33d3d67c36cb66bdc0d2c35cbde79940","sha1":"874d8afccac03dd528685dbf5f33836b8b58bae7","sha256":"2c00932815353b6273b15a427deaa4374967ec8ace9cbac9229cf563c3f80513","sha512":"aa02159c5c272ba479938ab609cde6a79f2e7453600d02366a36d4f3c3536b381d9024a2f11042a9d3a9e6726612a77c8f4334a04e32a9fc524e808506b6e8e0","ssdeep":"","tlshash":"fcc08cc4a0d77d001602655121af24e49034402674881b22dc94d8482e220b08233e98","size":143,"data":"","first_seen":"2025-02-17T15:24:03.21078Z","last_seen":"2026-04-01T18:41:43.038869Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b2f4cea747f024ebfbc20c84e6b19a4f","sha1":"b25b1504c4db2b4230ac57f636f84565356e2354","sha256":"fe0e92529614dee9941b6b4ef76ed1d8307c4713ad54777c4896b06a735025fb","sha512":"063eee4ba32f4d7c95fd437519c187b1c5c0b6ab1cca93e595608eb255722aec7b3686ae524534e5b13c882d880f2dc730f6930830f5596933b4fa6d9cad4450","ssdeep":"","tlshash":"d2c08cc4f0e32d002602642010af34e4a024402670881b028c94e8482e230b48333e9c","size":140,"data":"","first_seen":"2024-08-19T13:12:00.806171Z","last_seen":"2026-04-01T18:41:43.054527Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a4bdcb8203f55c2a0d42fe2daeba7f94","sha1":"28d4fb637c1f7d7cfc979d90f4f388d62eb58a51","sha256":"386fe5926fc7fa712f45c79142ec5390c9082ce14bd96a609004647fb1f4d823","sha512":"09dd6e53cd308472025baff2f600acd0b5be74b4d557bf48d7402cf6147449fa01db100adc90a5ea3930e80b42a5a2a1782265620c3f940cc93f60e873363d5e","ssdeep":"","tlshash":"c6c08cc8a1c33d001602661060bf35e4a0288026714c5b128cd4e8492f230b88237e98","size":145,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-04-04T23:55:44.730106Z","times_seen":406,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"ae455fc13cae166f33694871368e0333","sha1":"b0339bd88c98ce949779d10a804ad8a4793fe449","sha256":"55f534fdf02de222147dabf89effb35048cbb3bb86c01c12e3dbcd70389d5cc6","sha512":"1788e28258e79aeb1edf776483173cdaffb18508824543f923fd67cc9433f135cd58864c4d5da83a6ea252f8a465d4ee92435f3fe5b7a3a0c7ba63965b1db3b9","ssdeep":"","tlshash":"97c08ccaa0c62d009612651525af24e890244426704c1b528cd4dc882f620f09233eac","size":150,"data":"","first_seen":"2025-02-17T15:24:03.221582Z","last_seen":"2026-04-01T18:41:43.034393Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DLFFeSmc.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d82288d111fac43b5f6b03b81687209b","sha1":"d5d592120c7afbd3dfd52a749c019b120bcd6ea8","sha256":"4cc5ff9b552166db78bba4422521c30be953ce70e03f6a55d402ba2dae01bc48","sha512":"8b87c8c80011f10c6e448200cfa989dbda66d372986caa395344d3639a2de72e0feded77398bbe349db64da401528a2099143ab55e947243059345c41b1c82a1","ssdeep":"96:Eg/ozKWEXC/uWmRc+HH25DsyGYQt0pxAjXDSBVISQlI98As6s6YWtuo9:/KyCvmR1H2eyGYq0pCLDsIss6EW4o9","tlshash":"21b1c7e13090fdb7d339aacd516101d0e3ad57e03116c6ddb06f9e032659cf866fa60a","size":5147,"data":"","first_seen":"2025-10-05T03:26:45.272172Z","last_seen":"2026-03-01T23:53:25.65613Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1fa7a8bc0f1ecf8b6da179daf9033372","sha1":"f286feb22a81108dcc4f31bb6de57f27b1af1252","sha256":"a28aab8d51368d638be23e21545935cb713d9fbc613db622ddf04dcf649e4194","sha512":"8908dbf215c8cb564b15123e9f6172a6531361b5cbd285766e8b0e2b0a4a393925696e3024691eddbf280ad090870e7287ceadc9f8ed04492e7c442ab83d4db2","ssdeep":"","tlshash":"93c08cc5a0ca2d005a16642325af35e4a438402a714c1f038cd8dc8c2e221f4c333e98","size":158,"data":"","first_seen":"2025-02-17T15:24:03.17261Z","last_seen":"2026-04-01T18:41:43.025428Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"14a17c414f312ee2d4265b01fcf5a089","sha1":"f06a8e488ec44cb12972c74969c92d2f9fe12e01","sha256":"5c2d7cd8785162604035b38c78c0f23a55729acea7287b68b334e502f1fd3528","sha512":"953460329439cd6158d7e5479c1ceb50dd9b23a941515ceee7a489785cffbbf255023abb0badd1329befcfc7a4e2d8205759a62d7d1d35e584f066f9647b3f06","ssdeep":"","tlshash":"3ac08cc4b0c37e002a16a55014af74f89038406eb48c1b56cd98dc792e630b4923be9c","size":156,"data":"","first_seen":"2024-08-19T13:12:00.768018Z","last_seen":"2026-04-01T18:41:43.020971Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-p3wv2Zlh.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"0e4edebd80ea1f3f0bd212c7ba048eef","sha1":"386fd01695fb9f7612f2192df1e50a86a2d49171","sha256":"9fb61d179732903febb26be439df690591ce8436905be5bd3a9696a2e0d6241a","sha512":"8df790536fa6e177bc27ea81202193582ad7283eeac06da52d99fe834f2093f1fd013f45c6676238fb04f8a2a327abdb5c5c8a41b09ecb2c2b1e3b3961c4d901","ssdeep":"","tlshash":"8af09eee99d1e971b5553b44adae0c0653188506b190d861d88dc5d877c00d4f7be63c","size":530,"data":"","first_seen":"2025-10-05T03:26:45.26954Z","last_seen":"2026-03-01T23:53:25.642459Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6c4b63197790d25a07f25a43bd99b082","sha1":"9cf651883e08001a9ec271a0c3c2d4ba8cbfda2d","sha256":"cab5094ca7bb9e74a1d0753500ab633f54ee468f574b0c71293e95e0eeb863b6","sha512":"019ba7e344e3b8e2fb0b9b422fc54931b8f5650f519c8532a13b38b604c7761110390b28f6531300602e1e130ef426834d9ce94baa0654db26da7edfbba9b19e","ssdeep":"","tlshash":"5dc08cc4a0c23d101a02641020ef24e8a024806a70881b028c94d8482e230f08233ed8","size":140,"data":"","first_seen":"2023-06-19T06:03:31Z","last_seen":"2026-04-05T06:32:44.502092Z","times_seen":605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"046be361ac432a93dfc66526e048cf8e","sha1":"1474d8bee5618368bfe182165e12a651dd2385d3","sha256":"fa81a3a14d508ae38a08c59cb3f59bb82685ea3c69a4720aa3e3aa63d9a262f5","sha512":"92c3657207df59d19076c18c08727eb5069c988238f06399aa31c5cbc22aef485f474b7989b1d4f7bd1babaeeea561ef143e8d42866d0870dc6e811e68c588a7","ssdeep":"","tlshash":"fac08cc4b0e26e202616681111ef24e49034402674885b0b8c94dc582e324b48233ef8","size":151,"data":"","first_seen":"2025-02-17T15:24:03.197972Z","last_seen":"2026-04-01T18:41:43.011635Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"86607ac484109472dd26f2ec8aa528f7","sha1":"d864056f6c65c1c80ef852d6988cd845d4b4b9e0","sha256":"efe50c3b62779535d70ec1ce7ee577c8ae006671f14dfc1c8adf00c6523f0313","sha512":"92f38469bf09d0254e937a696fd23d1a702c41400abb4352c5f627ae517654cddedc768954ca1dd604c7e1449f4bb94916b5729aae13c9f933f172d441400d1b","ssdeep":"","tlshash":"b6c08cc5a0c62d022642641120af3ae4a024842a70881b529c98d8482e230b08233e98","size":143,"data":"","first_seen":"2025-02-17T15:24:03.196737Z","last_seen":"2026-04-01T18:41:43.019369Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"eb91014e314a529dd8ff5eb04936eb5f","sha1":"417c7ed2e52e9c6aac48138724fa945309368280","sha256":"2ae338bf09fab6392c5d113f6f2c19fe305fee311603544c80b638edfce20c8e","sha512":"772b6552256b5aab1eec91e224dd834ce65aa3bd2d1c61fff7e7f3fd5529ec06432dbb16d2835cacc2be86069ec5842809483bc342c946743fd69e4fb1567f85","ssdeep":"","tlshash":"edc08cc8b0c32d001602642121af35e490244426b4481b528cd8d8483ea20b08237e98","size":146,"data":"","first_seen":"2025-02-17T15:24:03.174765Z","last_seen":"2026-04-01T18:41:43.055026Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"abf2b4678b77d13059627df62f388c97","sha1":"1e6d9ecb18ed780dd7203358f1d2560050523279","sha256":"7963f15b9da208e941fb7ecbee184c5bdc4275db496bbb1781f904a4705e0ea8","sha512":"7b479aa0b5623a0606085e548542b11b4a6c8473482f9fcca56d1717c863f8bbafe62e0b6652c29a5c9a39b7f0c48aaf7b064fa6d1754e20791dca6e358e6d16","ssdeep":"","tlshash":"19c08cc9a0c32d113602a91110af38e4a038842774482b828c98d8882e220f09233e9c","size":147,"data":"","first_seen":"2025-02-17T15:24:03.227369Z","last_seen":"2026-04-01T18:41:43.044917Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-AWNjdvl6.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"434854e8056249943822933c32315cc2","sha1":"c164b0999e3347a7c989785d612ad5efd3d8758f","sha256":"d0f4194a18cf9b764854a832f2b393ef46903b9ec12cac6ecf04ca66ec7afab2","sha512":"0cc8965316d1a3751c8353965a1a4c8c93f4b4aa1bbb401589ef114f59e6a028f9a3171a5f31aa139551cd900b75dadbcb74db1efe7b043b6195b9cbe497b8f5","ssdeep":"","tlshash":"33314495fdd8e07023938ec8815a4ca1d648079ba57ce2d1e07b39942bb56dda47cf1c","size":1844,"data":"","first_seen":"2025-10-05T03:26:45.252384Z","last_seen":"2026-03-01T23:53:25.649653Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/use-tab-status-C1igZJLY.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"db8a55b911c44fec1d0044bf0b639176","sha1":"93dc7e198718a4ff1a46a65238cf3a79273f08ff","sha256":"8901be184ca30a1a5fa6aebb9cc854ab6baa66765b3c4efe2f7040b9ed6da282","sha512":"712819c2fe5770e8df6efd3c436290ef0080eb04b9b61df3aaba1b78d8b68d034dca935e110b3afc076a7161805a8d9948bcfa68d4c346fe4209ad2641aebc0a","ssdeep":"","tlshash":"1cb0125f489011b508050fcd634c183583209d5ba39259f05108856423113d2f50de55","size":97,"data":"","first_seen":"2025-10-05T03:26:45.273727Z","last_seen":"2026-03-01T23:53:25.654497Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/utils-DTpBcXvA.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"968a23a0745e12d0500aaa4b8d85d5a8","sha1":"fb5a659e5a8f1b4ae254287e6eec7c443740dc1c","sha256":"2cd2736c0cf946e6fae4be179068c553cda6e5178a3afb6a28e402e878ecc2cb","sha512":"8a43e0e531afbecb3ef944b366138d1062166098605645f651c03054ff2dbed7b1c0d86ada6ba615ef45f7c3558951ada742128b36c3df0c1f7845b984865f5f","ssdeep":"","tlshash":"c0d022820490a1b292a40dd8a83568496831ab3c422da4caab5a82880ac16a6059ce6d","size":209,"data":"","first_seen":"2025-10-05T03:26:45.307127Z","last_seen":"2026-03-01T23:53:25.661044Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"a15c447f08875de3100ed8997d5994ea","sha1":"b77d1c8bbbbcc5d0ac532e1362d796508029192f","sha256":"edd33609ab9f781e02fcf2c8e5ecd9f1e9b7bfdcbb576f01e9b2e78747b47e47","sha512":"55050de7b026795f86b16a8f6a67428555e9d05c394d87abf47b1bde43968be03e16569d97d1f38f6d37a1cc8b9bb5349cabe354e3def7dcbd5187640e3ac7ce","ssdeep":"","tlshash":"b8c02bc8b0c33d002602645010bf39e490344027718c1b43ccd4ec883e230f09233edc","size":139,"data":"","first_seen":"2023-05-08T20:49:32Z","last_seen":"2026-04-03T09:24:52.25874Z","times_seen":665,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"751093f341c73cb555ba030fa25e40af","sha1":"489346d8d2199edc86b0cf6f2b03f9196524c97c","sha256":"acfad071fb5778e7d43214329de4ea08cf79dc3a55e3302fef7a8e806678c4d1","sha512":"d0b1a013d8cb9ee6a341b6e8eb7928eb1cacadac1a89115d606ff762cf86a05fb889e33f1eb1c928d4e10da85e23f1cbf22a1730cfbd380d364cf3d0aad23790","ssdeep":"","tlshash":"62c08cc4a0c72d101a52745014bf24e4b034402a70489b438d94d8492e230b08237ea8","size":141,"data":"","first_seen":"2023-04-30T07:46:29Z","last_seen":"2026-04-04T10:40:53.373868Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"16433b29e8090f9771f0586f51d1218b","sha1":"fe810f8814ba0246f240b62bcdb575c4cc895d34","sha256":"b3f7d641e0a012af7895b2dd0df252a8e9c6523ae236f4d350e4c7996d035dec","sha512":"03dbba075bfa3f08ac7109054220d14a766af6d167161bf5b18d5b6cf3f40c104878dbb393c597b0c03cf6aff1f75232f2062a3b676be6a2142892b0c48533a2","ssdeep":"","tlshash":"82c08cc8a0d26d002602a55610af38e4a0288427b0881b028de8ec883e230f0923be98","size":148,"data":"","first_seen":"2025-02-17T15:24:03.233407Z","last_seen":"2026-04-01T18:41:43.032185Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"fda026047e8eb1a5882e868c6621ecb4","sha1":"94912222851f4eef4664202cb513d7f3d45993e5","sha256":"389ca4866842c71e748f3385526f79ec5d78e6fc86cf71a48a0c44012c59fd8a","sha512":"c7ddb08213f5190b3cb67a8b6cdb51338e1763bed5a088339a123b7fb1f6e67f25289f103a5664785612b1782a4301d3d9d16f8a6d466cceca1e1c1814af3145","ssdeep":"","tlshash":"d3c08cc4a0c62d002602681111ef28e8a028842a70481b039cd4d8893e620b48233e98","size":141,"data":"","first_seen":"2023-08-10T20:40:22Z","last_seen":"2026-04-01T18:41:43.016257Z","times_seen":208,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"0f5fe0787cd8e0ecbcb4cd952894a8b7","sha1":"d43628197fcab15076d66a35b34fcf121e313189","sha256":"cb48ecc1b44293573353b165ece68d9f1fe13f50556b5f8d3ae683fc5a9b619b","sha512":"ccc2d734bb0f275c05eb1ce6db8049e726211a3785705442496d241b2369dbd0c739d4ebbed713c3883ca59708b6bcddca34c1c23906cb487f15580bf6744452","ssdeep":"","tlshash":"01c08cc4a0d36d101622ac2010bf24e490244027725c2b028cd4e8492e630b08233ed8","size":144,"data":"","first_seen":"2023-10-05T08:35:43Z","last_seen":"2026-04-04T20:35:14.521083Z","times_seen":923,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"27237ac6a76bf58eb7323b811ad7b1f9","sha1":"c9c574bbd37fba13f98eacbde2e9e40d9d3a36f3","sha256":"4899153c09253641553fdc250cd9df333c3cca6b2c51ae84bcf6b1733127fbce","sha512":"064956c6e92f7ea2ab8cb7f7f125a23c8b9a018379864bd89137963db428544c499c526f6c29bb0332921a8ead93b97d9eacd0cc8f94f692aad47b547ef64ece","ssdeep":"","tlshash":"abc08cc9a0cb2e005a02765025bf25e4a024406a704c9b038cd5dc882e230f49233ee8","size":151,"data":"","first_seen":"2024-08-20T15:23:09.305651Z","last_seen":"2026-04-01T18:41:43.015703Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"661c744d2f07d3e897e9ab2fe2c13c17","sha1":"12459f399c5f1293a66c50c38b7e41dfe18e595e","sha256":"e75054b5c2da92089a68662a0eba3a6bf7a5193a9fd6bc94c77bf0dc289c5272","sha512":"00a3ce93ab1cced9ad5eb9aa6637506526c1aa0ad1fe52bb7a924881c503e07995a81fbd4cdd4d4d3e562e6d55395e5523ae4c931e5332b49f0f3642284c7e09","ssdeep":"","tlshash":"2ac080c4f0d62d101613591118bf38e4f0244026b45c1b42ddd4d8c83dda4f88233d9c","size":163,"data":"","first_seen":"2025-02-17T15:24:03.189313Z","last_seen":"2026-04-01T18:41:43.03943Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"d50b124b5654a850fd40e3f91b87e5a2","sha1":"6221e0edf8cf0b0e57306e073db4351f4b97f6ca","sha256":"40e35832f1a370fdbc47f20dff5fa2f592dd1ec85e622d90fc6f9a07d35b9d2a","sha512":"33ce743718eac58927c9868fc5e8e54b3ae36a595698ceabc545bedaf73f85697e38767155e66127ce77a2fcab86471dc2e4ee491acc93bcf94f3906c94c5f64","ssdeep":"","tlshash":"b0c08cc9b0c62d106602695010bf24e89024402a704c2b028cd4e88a2e230f08233ea8","size":146,"data":"","first_seen":"2025-02-17T15:24:03.232199Z","last_seen":"2026-04-01T18:41:43.048541Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/Market-7BiP61kS.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"855929db93dbda531898ec69969aa0c0","sha1":"e92ac319fc4a2cb5f122b9ed3646d98854369c1a","sha256":"55920acc1c3ae9bb1c83af7ca315ac298810b3f1d90bacfc9a798001703f52fc","sha512":"22e1c4ab612f5769f7a3f41c613b9d040ec47bf99019658af7ec652a0fd8fc187d9af9fbd46e82969f48ddfd9ffadf9b3db065352b8462b3551180831067b9ec","ssdeep":"","tlshash":"bc4165deec35c5f5a0ae09a495294031321e3edde212914e63bd582a37c3e6ca6cd3a4","size":1887,"data":"","first_seen":"2025-10-05T03:26:45.278384Z","last_seen":"2026-03-01T23:53:25.652154Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-BwgTsU__.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"cbbc934c408fcbf78cc23ed4ec17369f","sha1":"4518864e3c7da44230b7ecbc90a8c8254a266351","sha256":"89107d200a89653b73edca80c19857e3f2b0ae19e26142a687cee2b78dbf4d10","sha512":"053454c7cd7eef7ef528448be7b1e2f032503942de28fa345b65af8385ec232515d10f5ba9394b3553245a574ecf046725711aa4326414c6fc3ce1cd0ead4b05","ssdeep":"192:wiEqkLXkUS1nrYQTrC3iebJc6LF/wIWAOg1a6fLDXTpkZ88VwDD5NDUWYPoC6Iz:wJqkLXhejIJR/9nTc6zDXlEwDLDUboCh","tlshash":"9422e7457444b072d77ba9c9c02849e0162d3f88b629c5e1b06e6d5927d95f0f0eef2e","size":10381,"data":"","first_seen":"2025-10-05T03:26:45.256944Z","last_seen":"2026-03-01T23:53:25.660215Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"e06f1672b7a76c72c9e1dac70a969ced","sha1":"589430d023d70e4da4a4b475aa6938ccdaa49b14","sha256":"7dd29da79fb343c01433e36bd8f66af09e2957e2f34f4bd55f66899606368a6f","sha512":"ca48f8f9afd721b01a34c21148b49424c7a5799febb84091c5d5aeb88c0004b5aef4efce3e3df2cd34b961f604ccc50054da5437716f18a5595a60623b7803bf","ssdeep":"","tlshash":"18c08cc8a0c62d242616642054afb9e4a024402670485b038d98e8482e220b49333f9c","size":148,"data":"","first_seen":"2023-06-09T20:52:21Z","last_seen":"2026-04-01T18:41:43.050126Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"76546f311604c7eff4b08bee3e8dbb40","sha1":"3a09b3c820e5b59439c0deb5779cc28b762f1795","sha256":"0aa612bdf6c82fd0d271f82d985663da0b83dfb1e1b8d07c383a455e778aae57","sha512":"fc0b738476ef37052b6fd9e88a3b5dd902c91a21271fafe9c1340d8669898f2a4a04cae373f724546d2af0a3709edd1763c4d33030b1824af132e8a4d502881e","ssdeep":"","tlshash":"1ec08cc9b0c62d106603aa1020af38e490254427704c1b169d94dc882e220f4823be98","size":148,"data":"","first_seen":"2024-08-19T17:43:12.102875Z","last_seen":"2026-04-01T18:41:43.051505Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DS2CRakW.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"7153a8d3fe890ad9f2ae794932f2c883","sha1":"d6d4ec295d38184ed62075e021c17bc82b319377","sha256":"0619f593671afbeb3758182eeda4bb8a3db06ff73e3ba2f7e9b32788be6f5c44","sha512":"5fdb51bfba0e935b3a687290e0440f994d05d173f12b6da11d0f7241a815fe8c496d07253d8499f89d2b7d19dc830bc34d6e8ceaacd4cb277256678a14695b14","ssdeep":"","tlshash":"b1318782f4d72939a376dc95c0980560823c0945f904dfd6f17e5c1a27591c1bb5ef48","size":1807,"data":"","first_seen":"2025-10-05T03:26:45.270924Z","last_seen":"2026-03-01T23:53:25.63223Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-B5Dx_hBl.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"375e31efcdd6dcb1f5b11769b4e38768","sha1":"bedac8aedf69846900390c8665fcf49c7c8b3081","sha256":"95553c0a2fc864f3c9f14162737dc7c77133dcbac0e950bfaa6e084ac1aec085","sha512":"697583b161be6d57301050f23043f0957e62279527855969cf72791f6ce1f3f2022743e07682e17920260ddd6e58555201dbd8f9dffd1bea75b96af6b90f9feb","ssdeep":"","tlshash":"3531868ef9c69038d34bb4c0d0995051910c9b2ae969a4e4e07bdf841fac685f45cb2c","size":1658,"data":"","first_seen":"2025-10-05T03:26:45.266132Z","last_seen":"2026-03-01T23:53:25.653704Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a15c447f08875de3100ed8997d5994ea","sha1":"b77d1c8bbbbcc5d0ac532e1362d796508029192f","sha256":"edd33609ab9f781e02fcf2c8e5ecd9f1e9b7bfdcbb576f01e9b2e78747b47e47","sha512":"55050de7b026795f86b16a8f6a67428555e9d05c394d87abf47b1bde43968be03e16569d97d1f38f6d37a1cc8b9bb5349cabe354e3def7dcbd5187640e3ac7ce","ssdeep":"","tlshash":"b8c02bc8b0c33d002602645010bf39e490344027718c1b43ccd4ec883e230f09233edc","size":139,"data":"","first_seen":"2023-05-08T20:49:32Z","last_seen":"2026-04-03T09:24:52.25874Z","times_seen":665,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1eeb203a76be04805b83b692507f76c7","sha1":"a768cee451782fb86cb10d827ba7ad4597d5c5f8","sha256":"6c298b04ce4b8b0be3bc98403a613224248322e06f100a26f1e3b705dd7f3f57","sha512":"40cf821e8854ea9d0ed7383397372b0212f8d2a91031785e0e82a3f76eb36778ff3675ceadbce7a2bafd5924597cd6315e3483d65cf17ab9abc4a27c7e6b6e80","ssdeep":"","tlshash":"d1c08cc4b0c32d005613a82015af25e890244027715c1b528de4dc492ea30b08233ee8","size":149,"data":"","first_seen":"2025-02-17T15:24:03.173774Z","last_seen":"2026-04-01T18:41:43.044018Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"c91843a128ff2c266e665e4b8fdd4551","sha1":"80dd171a3d515d0a54aab75e0ec409e4195cc7da","sha256":"d65e619c2a8c65dbb7559701dea539eb9f9dace7810be7ac5ca14425b41a52f7","sha512":"60b30ce253ad34a211557417362b889b3c6a7aabb0f84054ac170d660ffb4d6c3c4ab1152e49cb26704b998d9f2260f1fe60adb8528d1ceb2e0887f507ed6af6","ssdeep":"","tlshash":"afc08cc4b0c32e002603a96014af24e4a024402b728c1b539df8d8893ea30b49233ee8","size":154,"data":"","first_seen":"2025-02-17T15:24:03.202475Z","last_seen":"2026-04-01T18:41:43.023991Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"166d436233d756ddebdb13320e7202d9","sha1":"b848d149a1e6c05e38917f28aa5f359a01155f77","sha256":"45e447f81079be863980d60bdaa5f2479c8b6d258d2dd2a549e583ee1761c0c9","sha512":"905cad78ca099b0e00c522c964bffb2dffe5ebfa9eecc58b8b3fff2a4dd6d91690e08b476a858daab48de350a45acca4e2dd348700c7b068c722df8be5a5659f","ssdeep":"","tlshash":"3fc08cc5a0c62d102602a52190af38e89028402670481b42acd5d8882e220b49233e98","size":141,"data":"","first_seen":"2023-12-03T06:20:29Z","last_seen":"2026-04-01T18:41:43.014657Z","times_seen":296,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"cde0bbe2ce11ab5e3aa7311138221ab6","sha1":"1513412609750e4eb1a86ccb8c2300eaad33f1c1","sha256":"b8169158029dce83e3c81a91efe9ade76ad06e8af8f7f2995f293bcfa3086e0b","sha512":"65d8b6b2ba66983b204a4c855076cf361923b53affcf7ae15d836ec861bf245f45e446d9ca418b1ccae31f83e0a6e4f86651ea8b09376ab6d3d686a9cf6cf67c","ssdeep":"","tlshash":"4ac080c570c66d005513795411ef78d89028801778485716ddddd8853f530b48133d98","size":159,"data":"","first_seen":"2025-02-17T15:24:03.195655Z","last_seen":"2026-04-01T18:41:43.017182Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"76546f311604c7eff4b08bee3e8dbb40","sha1":"3a09b3c820e5b59439c0deb5779cc28b762f1795","sha256":"0aa612bdf6c82fd0d271f82d985663da0b83dfb1e1b8d07c383a455e778aae57","sha512":"fc0b738476ef37052b6fd9e88a3b5dd902c91a21271fafe9c1340d8669898f2a4a04cae373f724546d2af0a3709edd1763c4d33030b1824af132e8a4d502881e","ssdeep":"","tlshash":"1ec08cc9b0c62d106603aa1020af38e490254427704c1b169d94dc882e220f4823be98","size":148,"data":"","first_seen":"2024-08-19T17:43:12.102875Z","last_seen":"2026-04-01T18:41:43.051505Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"cd00fff388d06a3ed7e3480ad07ff4de","sha1":"932d89cf7fdce8dc814c4c8316ef4874010d1941","sha256":"de9dffe9454e150fc7f4c114815c662ee5e1f50abc419058d75e066dce392225","sha512":"6a49c46a74ddbbecb2fe4b8de34d0b5d078e81181b1759eb2cdd74cd81d9d9a88b9b3cb6e23f97d9a8442268cde3ee63a41e5ad35f8906d7f8d474cb91279626","ssdeep":"","tlshash":"d0c012d8f18329125a05652524af25f5902e886fb44867868c98d9596e630b4a223ded","size":187,"data":"","first_seen":"2025-02-17T15:24:03.209641Z","last_seen":"2026-04-01T18:41:43.04Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"4f1fc0c8c1c0e0de17fc0789a3c1efda","sha1":"c2123b2188aaf414d24c8147e7846f3d9139d8f7","sha256":"24f7aad53572ec6787707c98745c6090ffc2c3991c4f1d4b5c12c2b718edcaa9","sha512":"d6ac9c8fb338d9072a55a1fe60f49e234d407efc33f0358af246f04a51a0855fa67cd7cd58a40858d8630cf62af87ac9c7678331ad33148f418964278fb5694f","ssdeep":"","tlshash":"19c08ccaa0d62d001a02649420af2ae4a038606ab0882b52acd8d9482e230b49233e98","size":151,"data":"","first_seen":"2025-02-17T15:24:03.177524Z","last_seen":"2026-04-01T18:41:43.053005Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-CJ9wK-pf.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4c832f4b65f090892cda40ec1b6e53c","sha1":"460003700169e382142b762fb764a9c3c0080002","sha256":"2dad0f328216c2f8187bbb7bc215effaea85e0ba66dbae3b1a9f543c6cbff736","sha512":"96c7724f9cf50e2bd4c32615b796339290d82e696c502a56a7c74f10c6af6c2754aefb107b2b89f41ad9e0bd477999098cfa25802a620a10bf25917034cd8530","ssdeep":"24576:8BXr16tRcfmWUy0Mtx20hrvLK6C5no/JJAQubDpanlNGNuF1QxhOPnL0wTnGC0k4:8BXr16tRcfmWUy0Mtx20hrvLK6Gno/Jq","tlshash":"d845ae3535ca2869c3d11795512b3f0de21aafa0f788e9d1138e59a633e3e06e55ef30","size":1195755,"data":"","first_seen":"2025-10-05T03:26:45.311913Z","last_seen":"2026-03-01T23:53:25.702949Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/home-EpH2PIe-.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"74b2b74f8cfc41495107a110b87487de","sha1":"78398c69429ffd37b616335b39cad8bb38ad6ee1","sha256":"1903259aa633d59d6cf3760639edf1a591eecddf4f20043505d05a8fb99461d0","sha512":"997168e4c8d40f04ff6569112efc846303a45d59fc9ea5020dfc14a0184085062d65ba734005581e9c6d32b3c42e6e805fb38404260e500a02e26a6cc7e9cac1","ssdeep":"192:8gjeMsCejH1nqexr7x9TkTdqtWr3FxAH4pEdU9D:XSdVqjRqMr7P","tlshash":"6af1d8097066db7fad2351dc28560840b10c2baed2b9d761b2fc1e212bd1df8935db1d","size":7602,"data":"","first_seen":"2025-10-05T03:26:45.300712Z","last_seen":"2026-03-01T23:53:25.638018Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e963e2d385930cfd160c443d51823a0f","sha1":"1bf37cffb1dbc884b3842181fe1147c8a6287b8f","sha256":"71a67e33e3188d9cda2ffd78e470e7bf6caf2396577bdae2f28a6580dfe74b71","sha512":"11ae94aa99b8203a34b628ee84521b3edb599641d2fed89b85685e439e5bcedb36f3526705aba43b783ca3179e4c03c9b6508b78b0023649ab0aeb9baf571e44","ssdeep":"","tlshash":"05900218d920904a4415892127221101964589630e8d8068b908c164abb44534001f81","size":50,"data":"","first_seen":"2025-10-05T03:26:45.324788Z","last_seen":"2026-03-22T09:11:55.393185Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-CK-9Vv9G.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"e2ac33d54b92eef99249057549536f89","sha1":"721202735b0744ac7c0916a37c15973a9b391180","sha256":"83d646ab9925daef4514c4bd27f0baea6c903a27557b555c37ff59d9e6306c88","sha512":"589048a45fdf8171fc97bcd8e24504a7b9f76dd85afbe510066939e9bd8665be42b37f8646e9d750973ee5de9754bb8987c3004d90f5ba0dacffbb7e8b4d03bb","ssdeep":"","tlshash":"bf4192c874aceebc9376b5c455184c19c9052b5f7173c4e2e26a78124beae80fd36a98","size":2010,"data":"","first_seen":"2025-10-05T03:26:45.264378Z","last_seen":"2026-03-01T23:53:25.652931Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"697f3c3bb7d1eb158a912966c54b97a6","sha1":"9b982f6d3a1c024861bc7eb4d24a719c0ab7ff21","sha256":"9b3309698cf9b1a269d7391a4576589c62071c1f08b1c51a7d4b3bd973c7b730","sha512":"64dc4d74aeaa5a62f6ec230ad4ee02916dbe41db943d6a8496bc423166aa0d37318f5c6913b78c59de4ac3b33e2adcc0e0be0703026912be1cf54728b33d386d","ssdeep":"","tlshash":"d8c08cc8b0db2d146a2b685125bf35f89026482770881b528ca8dc683e730f0a233e98","size":159,"data":"","first_seen":"2025-02-17T15:24:03.230956Z","last_seen":"2026-04-01T18:41:43.03385Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"61c633daa7bd5c89d3d21ced9631def3","sha1":"31c72835a39c751ec0a93825e4dbd8d47552b40b","sha256":"330511dc8179b44e5760ecbdb00c2575f9d627a2a3423edcca152d60054e5a1f","sha512":"eda59a22c515611f898f9cbc5591de83eb1d2a920ccc4795099011d439c85de10f2ffc471eafe9fd1729c142868273e4eb0b35060fa78362b50384544391e600","ssdeep":"","tlshash":"ccc08cc8b0ca2d003a06a45134bf34e89025802770882b06cce4eca82e334f09233e98","size":151,"data":"","first_seen":"2025-02-17T15:24:03.205804Z","last_seen":"2026-04-01T18:41:43.032743Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/i18n-CppBr66w.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"86cb3c0e67975eb14974ec626a72933b","sha1":"249072c8be6ff4edbcbb3c769a38886d645d3e01","sha256":"c14c820dfa408a3633189b723187c5b5ac6a4983a8ac8cc71878ddeaea0c8d95","sha512":"6405fd948eb9e1170dc47d445f1747793c77e5d2ec470ed28edb32ad1340017db9be5899f029128ba3e860f1be5e999680956f252949aca96cd4babcebbdfc2c","ssdeep":"","tlshash":"42b01246505081f7101318cce24b6c06183112a902851190111d45443fb42dad20ef18","size":98,"data":"","first_seen":"2025-10-05T03:26:45.292435Z","last_seen":"2026-03-01T23:53:25.635294Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"8b17ec51c3be85680686a0f9b5a3d759","sha1":"a049720c0d0cdcdb78508d928c1f666ef6abcbe6","sha256":"35a7d9b0e99f54c15b521945303e543d18204865e928edd366da3f15f10a5180","sha512":"17bc8c0a70a385c273c57142367d4cfd1deaa95949f8f07459b6a1a548740fd5940a903dcaa3a885299cc5d8c8517a3d2408289540828587d5eedc61fb1b4f40","ssdeep":"","tlshash":"0bc08cd5a1c22d126602641920bf38e490248027708c1b128c98d8482e230b08233e98","size":144,"data":"","first_seen":"2024-08-20T08:29:42.434295Z","last_seen":"2026-04-01T18:41:43.037723Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DksTEeBa.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"78824cc6dae7aeca770e05b0bcf77e05","sha1":"f406daea051dce026d76545ddce770de3d8af193","sha256":"7d3e498300e24783c5fa29cf7963a59cc91b93bed3d13225fe158e46950e79a0","sha512":"920a04c246b1aac8ab24f55532050a366e5b5d40c7798f50e99839fc2e6422b551c4bc1cab620ca331b1f74cbe163f8bbe8739f295a2eb522984e8f1f477af4e","ssdeep":"","tlshash":"353176cbb4a7c23dd33bcd5a4128482051583f8d6138c1dab6771b1cd775ad8a91a61d","size":1812,"data":"","first_seen":"2025-10-05T03:26:45.262783Z","last_seen":"2026-03-01T23:53:25.643315Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/use-id-B41TJGAp.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"29a94c899922937d52401573ab3ff018","sha1":"97461dd3b0f7801eb3dbdd113071eb5fd0b3f081","sha256":"34ea1cca0f62c899054c90a803505202bed29cc2fc2781a0de9124bec554bab6","sha512":"1c608ddc102f2a5fcec0041369e3701dfb25b7b70fa3f7daed315a3a95f04860d2d1b0b88fa58af2b21e1f842f6e4be4d787721908cd3c0afdd8f081c8300fda","ssdeep":"","tlshash":"0ac02b8d74d820f02a1a0dd4e32e0b7ec13b3c10531aa9f1f1740b1b05b136643baf14","size":151,"data":"","first_seen":"2025-10-05T03:26:45.295323Z","last_seen":"2026-03-01T23:53:25.650527Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ae8b398da7489e608d31204307bb3fb6","sha1":"b35a10e4eee80b370a2a4ccc044644eb444bcf14","sha256":"289d700e74cd6a79714de6b43872bb4555d50b8ecc116366ebb8c70e2bb27a8c","sha512":"0985a59a2f163639bad3f8520e5999a4f9ef7cfe73af1be0bd612847ef0adda129d31eef5751151b2cb90dce8e9543858445a6989769bd09224c85a62a6a8a53","ssdeep":"","tlshash":"fac08cc8a0c26e211a02681814af24e49028402770481b02cdd4d8882e230b08233e98","size":141,"data":"","first_seen":"2023-04-30T07:46:29Z","last_seen":"2026-04-04T18:47:16.103829Z","times_seen":209,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"86b5182fd9aca9c7a8e3ac1bb668d620","sha1":"c1a4e6804bd0f2f9e66dffa1ca6a7633e9dc032d","sha256":"607cf6de3e442b45cc71c85bd6ca19f0949465cb5c4e598284c693f6c902febb","sha512":"6334faefc7ded38a7d64d72c5e4d290ae730e0b224da0cdd1f89e671f6ae930f0471f62b52a6d108c10356f0bc67ac3792f9a794c6c5ec56fd07954c8b6ee88b","ssdeep":"","tlshash":"aac08cc4a0c26d005612641010af34e49038402674482b528ce9e8883e230b08233e98","size":142,"data":"","first_seen":"2023-10-22T00:48:11Z","last_seen":"2026-04-01T18:41:43.020411Z","times_seen":88,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"9ee6d1e89c55944824e63c0be7644859","sha1":"fedf0c4b305648473fdb4b2d77a4e6afb4a13073","sha256":"5a05cd8dc6fb82ad2d1a511fa8762bfe29606869b86d99af9fd0558d3f9daeaf","sha512":"e290c838d1924062531bbbe9c0457854fc3fd7e89f2c992b0e04646d222ce5628bec29d9f5d22e8fcbc09374fcb7b95afe4191539bd7386894d89e57e4606428","ssdeep":"","tlshash":"32c08cc8b0d72d046a17645629bf35e89025482770881b528ca4dc582e730f09233eac","size":153,"data":"","first_seen":"2025-02-17T15:24:03.220467Z","last_seen":"2026-04-01T18:41:43.042149Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5107b652a3654245a26ba460c2e27556","sha1":"d065373153f3f78d29ff83ef4ce256cf6a686d13","sha256":"8f424b8fa31f979fd74c9de1dbd26c2aa2baa43fca68d430d0822dc0f023baf0","sha512":"c3b67c78526a92f92d950628c3c7bf64780694226b29d428eda994d241c58390ad81b3b89137a73cdb82bc0f5f505b8ba77b3a6da293a176f96cc94cc1167df3","ssdeep":"","tlshash":"67c08cc4b0c22d046612642064bf39e49024402674487b228ea4d8482e634f08233ee8","size":150,"data":"","first_seen":"2025-02-17T15:24:03.16637Z","last_seen":"2026-04-01T18:41:43.033298Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"8c438f696d519787f425726f68c384ef","sha1":"15d4dd21d64a61e5fe1fcd117dec7ec880d4f685","sha256":"0816b87e99bda018135834ed60a92f3b679dd87b315c08c5e39b656059179744","sha512":"b6b70d9990d97552fa4c26df6772191e7beeb20d0872e439ab0354869b187976fabc54e6b8a6d9a0c550c8b6924f329729e350e4bc5f298eecb032aa235b2b6d","ssdeep":"","tlshash":"dec08cc9a0c32d202602651110bf38e49024442774482b828c94d8483e620f08233e9c","size":143,"data":"","first_seen":"2025-02-17T15:24:03.21427Z","last_seen":"2026-04-01T18:41:43.053506Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a75ab93c4db9073c13fb419ef7c2c46a","sha1":"856072c405dfaa708e23622cad35d78372e23f07","sha256":"da656c2f3889dfb9eaeecb26f30c2b5ff695b991d6c5fbdd8f8978fc0ed2907e","sha512":"0dd74743f8822d86d634c325d0f3f6148960d7c9ba0cc668fde3cfe6475b7a0ffa5ab23cc7f229fd0313dcf0d1d427c60df140423c158354408f96f86faba2bb","ssdeep":"","tlshash":"cec08cc4a0e62e601a02692418af28e8a0248026b45cab02add4d8482ee34f48233e98","size":149,"data":"","first_seen":"2023-05-08T20:49:32Z","last_seen":"2026-04-05T06:25:30.526916Z","times_seen":812,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-B8W-40ne.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"b1bb6d0e5a7dfa29664dff3ded6f0659","sha1":"664c35f2a37eca4d28300405bce40cbb2e378c4b","sha256":"beedc7f3f1bf251c2ade7f1a37058cafbfe7fbc0e374cbf72a09a9562b0ea53f","sha512":"4bea28d1619e6255ef1c896e3af056188fab2068c598aa8f4670828960ad6a177eb70f12ce8f2a067ddec3b8a346f9689c281c2a287dba4210df9598666435a2","ssdeep":"","tlshash":"9631159df5b294389335afe6813a9a51f10e1d8ab116f0e5d4fa0c052ac2c46a1af62c","size":1773,"data":"","first_seen":"2025-10-05T03:26:45.280405Z","last_seen":"2026-03-01T23:53:25.6334Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6900701ff959494d30437499abeb8885","sha1":"7cb4c820fbf30caa6b50d6c2dc4aa7c0c4b644d8","sha256":"3be52a71ee1e4d668cceef779a9942298cef4d68e03183d10681c4aa945c83f5","sha512":"731bc35b44d92adfda91474163cba7cbfe8ebb8faeb76364becb6a0f87c8d62c68a560257759546c0c38da3d0ea220cbee60eed126f77194441f92786231135b","ssdeep":"","tlshash":"b5c08cc4a0c22d101642645420af26e4a028802a70485b128c94d8482e620b48233ea8","size":138,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-05T08:17:05.604153Z","times_seen":5298,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"a9534f2bacc1ef20d742f7d51e75b8b3","sha1":"4cf9bc530c66a4decb6c3aa666c8e2dd2bddc9fb","sha256":"bba98d15aa76626f03be125de6f934733978204c41c3c1779d7180c73b2a2c90","sha512":"16cbc95043e431bb3cf643ceb17b5b848c2a605d1c279d550a3445f0c609a1d38529b6bdd517c61ec86f2d2f646e6bfd8a88bc43a230fe1a55f0724e0c0676c1","ssdeep":"","tlshash":"d9c08cc8a0d22d002602641015ff24f89034402774485b03ccd4d8492e230b08233e9c","size":142,"data":"","first_seen":"2024-08-19T16:03:38.578424Z","last_seen":"2026-04-01T18:41:43.010251Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"3c53e1f9a9fb8cee771899e56e0a5e37","sha1":"dbf1e26ff9dc710cb41d70a71c6d9f0bbeaae2d4","sha256":"fa1610e433b107798812b3af0837903afc8ac2c60c68b7acd6f2d113850712f5","sha512":"f5890a1692badb991188023514ca4e9db1364a2981344d345e9a284597644e3ae5e68977fde9d695a2746c62753d4273ae43fd56c961cc9dd3a035cac1d98712","ssdeep":"","tlshash":"3fc08cc4b1c66d105a02646015af39e5a034402671482b968ce8ec592e230b49237ed8","size":149,"data":"","first_seen":"2025-02-17T15:24:03.18593Z","last_seen":"2026-04-01T18:41:43.049555Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ccd150b26b19436bf630d3e55d886c56","sha1":"b1b0a07a69d04c4d3fd477f645bdf45520f62f80","sha256":"c24d2e1417d4808466ba562ca2a899798ce86afc46131750f60e27caee231f57","sha512":"10c397a1dfd5c74118cfe0e9e2ebd5eaff92efb8aa9790b59149d433b53ed52b58f56be0a4ba2700f418bf659071fe8e9a854c0b42ae798f805c1c77cb64f4c9","ssdeep":"","tlshash":"3dc08cc4b0c26e105a02651014bf3ae490244036b4481b128cd4e8482e230b08233ed8","size":139,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-04-05T01:00:21.846915Z","times_seen":2630,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"cae68ea6f141e4d10555797b47a00137","sha1":"6d7487ad2c6cd92d7b0a57c7671d65ea34816136","sha256":"621aec1748ccd29106df6b756539d8363900d1bb9e6a155f105e538561488bc7","sha512":"802598a54385e66c4aade9d8089953400177bcf218415227baf3edc88bdc4236c6625635fc4ae2814940a6a46be01540afc18ba5334325b4fc4840b2cac33967","ssdeep":"","tlshash":"e8c08cc4a1c22d001602681010bf28e49024802670481b028d94dc892e620f0823be9c","size":140,"data":"","first_seen":"2023-04-14T08:59:55Z","last_seen":"2026-04-05T08:17:05.570983Z","times_seen":1518,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a37bf99064f26f1e1d5fbe72d8a946ce","sha1":"589badf3b0294a0117d583455d2c061a8c91d824","sha256":"45a8e88d5dfdce0b3242e86c6ece986f436e1b516dbeb7c6e12bb98dfe118189","sha512":"e3e152126173ea271a5d079397a13c20d0a9979545444baeef9410e482959185e8835258ab2e82c5bc7aa7d39c6ca969cf0bcdb0816f9fd6a3fee0803f9c322e","ssdeep":"","tlshash":"adc08cc4a0c22d001606651010bf24e49028802670485b028ca4ec593e260b08233ee8","size":139,"data":"","first_seen":"2024-08-20T14:49:00.530128Z","last_seen":"2026-04-01T18:41:43.012589Z","times_seen":102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-05T02:16:19.514573Z","times_seen":4420,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/#/home","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c2583fb50c063f4d0405b9e7cb3a0df2","sha1":"fe7125614901638e9e71adff4e308c31a521bfd7","sha256":"4ab0cbd030b4d18015e917c0acfaa1e0b4585afa96b38be83cad11d75d99590a","sha512":"edd5192afea49ddfa80981cc7eb00666be3a0a9293212ac11a64dd0e371fc99311abd29ecf5c6788bbc4369b06f6faa64013383787910a413ecf9fc5d94ed509","ssdeep":"","tlshash":"dec08cc4a0d22e001602641060af38e49028402670481b028da4dc482e620b08233e98","size":138,"data":"","first_seen":"2023-11-21T13:50:08Z","last_seen":"2026-04-01T18:41:43.041546Z","times_seen":117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kucoinkh.com/index/index-p3wv2Zlh.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-p3wv2Zlh.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 530\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-212\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":530,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (529)","md5":"0e4edebd80ea1f3f0bd212c7ba048eef","sha1":"386fd01695fb9f7612f2192df1e50a86a2d49171","sha256":"9fb61d179732903febb26be439df690591ce8436905be5bd3a9696a2e0d6241a","sha512":"8df790536fa6e177bc27ea81202193582ad7283eeac06da52d99fe834f2093f1fd013f45c6676238fb04f8a2a327abdb5c5c8a41b09ecb2c2b1e3b3961c4d901","ssdeep":"","tlshash":"8af09eee99d1e971b5553b44adae0c0653188506b190d861d88dc5d877c00d4f7be63c","first_seen":"2025-10-05T03:26:45.26954Z","last_seen":"2026-03-01T23:53:25.642459Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1043,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/Market-7BiP61kS.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/Market-7BiP61kS.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-75f\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1887,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1886)","md5":"855929db93dbda531898ec69969aa0c0","sha1":"e92ac319fc4a2cb5f122b9ed3646d98854369c1a","sha256":"55920acc1c3ae9bb1c83af7ca315ac298810b3f1d90bacfc9a798001703f52fc","sha512":"22e1c4ab612f5769f7a3f41c613b9d040ec47bf99019658af7ec652a0fd8fc187d9af9fbd46e82969f48ddfd9ffadf9b3db065352b8462b3551180831067b9ec","ssdeep":"","tlshash":"bc4165deec35c5f5a0ae09a495294031321e3edde212914e63bd582a37c3e6ca6cd3a4","first_seen":"2025-10-05T03:26:45.278384Z","last_seen":"2026-03-01T23:53:25.652154Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1042,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1042,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-BwgTsU__.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-BwgTsU__.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-288d\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10381,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (10380)","md5":"cbbc934c408fcbf78cc23ed4ec17369f","sha1":"4518864e3c7da44230b7ecbc90a8c8254a266351","sha256":"89107d200a89653b73edca80c19857e3f2b0ae19e26142a687cee2b78dbf4d10","sha512":"053454c7cd7eef7ef528448be7b1e2f032503942de28fa345b65af8385ec232515d10f5ba9394b3553245a574ecf046725711aa4326414c6fc3ce1cd0ead4b05","ssdeep":"192:wiEqkLXkUS1nrYQTrC3iebJc6LF/wIWAOg1a6fLDXTpkZ88VwDD5NDUWYPoC6Iz:wJqkLXhejIJR/9nTc6zDXlEwDLDUboCh","tlshash":"9422e7457444b072d77ba9c9c02849e0162d3f88b629c5e1b06e6d5927d95f0f0eef2e","first_seen":"2025-10-05T03:26:45.256944Z","last_seen":"2026-03-01T23:53:25.660215Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1041,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1041,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/use-id-B41TJGAp.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/use-id-B41TJGAp.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 151\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-97\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":151,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"29a94c899922937d52401573ab3ff018","sha1":"97461dd3b0f7801eb3dbdd113071eb5fd0b3f081","sha256":"34ea1cca0f62c899054c90a803505202bed29cc2fc2781a0de9124bec554bab6","sha512":"1c608ddc102f2a5fcec0041369e3701dfb25b7b70fa3f7daed315a3a95f04860d2d1b0b88fa58af2b21e1f842f6e4be4d787721908cd3c0afdd8f081c8300fda","ssdeep":"","tlshash":"0ac02b8d74d820f02a1a0dd4e32e0b7ec13b3c10531aa9f1f1740b1b05b136643baf14","first_seen":"2025-10-05T03:26:45.295323Z","last_seen":"2026-03-01T23:53:25.650527Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1036,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1036,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-VX85pUk-.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-VX85pUk-.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-d0d\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3341,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3340)","md5":"123899d481691d70593e2c07f7370d93","sha1":"d7e531531bf35c9963c05bbd8bc461afa3542da3","sha256":"984cb3068f8d5710fa588e9ba234ec3c4c0f32d7c5a0a8cdd9a7b0113f1be8ac","sha512":"5d6a25758e9e0a47e45eabf7b41dd2ada05fd2f541d811184b111c6b6ca4a72e3fbdb0cf52e395f7261317c019dc42ec01d0e848179d1a78651c1c4b0ffb38b6","ssdeep":"","tlshash":"3e61a69c78f0b53656aa96c4144b8fd0ba0727cfe034c2d1f1aa7c6523a89f5802c79f","first_seen":"2025-10-05T03:26:45.249657Z","last_seen":"2026-03-01T23:53:25.637093Z","times_seen":7,"resource_available":true,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-AWNjdvl6.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-AWNjdvl6.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-734\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1844,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1843)","md5":"434854e8056249943822933c32315cc2","sha1":"c164b0999e3347a7c989785d612ad5efd3d8758f","sha256":"d0f4194a18cf9b764854a832f2b393ef46903b9ec12cac6ecf04ca66ec7afab2","sha512":"0cc8965316d1a3751c8353965a1a4c8c93f4b4aa1bbb401589ef114f59e6a028f9a3171a5f31aa139551cd900b75dadbcb74db1efe7b043b6195b9cbe497b8f5","ssdeep":"","tlshash":"33314495fdd8e07023938ec8815a4ca1d648079ba57ce2d1e07b39942bb56dda47cf1c","first_seen":"2025-10-05T03:26:45.252384Z","last_seen":"2026-03-01T23:53:25.649653Z","times_seen":7,"resource_available":true,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-CK-9Vv9G.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-CK-9Vv9G.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-7da\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2010,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2009)","md5":"e2ac33d54b92eef99249057549536f89","sha1":"721202735b0744ac7c0916a37c15973a9b391180","sha256":"83d646ab9925daef4514c4bd27f0baea6c903a27557b555c37ff59d9e6306c88","sha512":"589048a45fdf8171fc97bcd8e24504a7b9f76dd85afbe510066939e9bd8665be42b37f8646e9d750973ee5de9754bb8987c3004d90f5ba0dacffbb7e8b4d03bb","ssdeep":"","tlshash":"bf4192c874aceebc9376b5c455184c19c9052b5f7173c4e2e26a78124beae80fd36a98","first_seen":"2025-10-05T03:26:45.264378Z","last_seen":"2026-03-01T23:53:25.652931Z","times_seen":7,"resource_available":true,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-VX85pUk-.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-VX85pUk-.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/index-CJ9wK-pf.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-d0d\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3341,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3340)","md5":"123899d481691d70593e2c07f7370d93","sha1":"d7e531531bf35c9963c05bbd8bc461afa3542da3","sha256":"984cb3068f8d5710fa588e9ba234ec3c4c0f32d7c5a0a8cdd9a7b0113f1be8ac","sha512":"5d6a25758e9e0a47e45eabf7b41dd2ada05fd2f541d811184b111c6b6ca4a72e3fbdb0cf52e395f7261317c019dc42ec01d0e848179d1a78651c1c4b0ffb38b6","ssdeep":"","tlshash":"3e61a69c78f0b53656aa96c4144b8fd0ba0727cfe034c2d1f1aa7c6523a89f5802c79f","first_seen":"2025-10-05T03:26:45.249657Z","last_seen":"2026-03-01T23:53:25.637093Z","times_seen":7,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-AWNjdvl6.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-AWNjdvl6.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-734\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1844,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1843)","md5":"434854e8056249943822933c32315cc2","sha1":"c164b0999e3347a7c989785d612ad5efd3d8758f","sha256":"d0f4194a18cf9b764854a832f2b393ef46903b9ec12cac6ecf04ca66ec7afab2","sha512":"0cc8965316d1a3751c8353965a1a4c8c93f4b4aa1bbb401589ef114f59e6a028f9a3171a5f31aa139551cd900b75dadbcb74db1efe7b043b6195b9cbe497b8f5","ssdeep":"","tlshash":"33314495fdd8e07023938ec8815a4ca1d648079ba57ce2d1e07b39942bb56dda47cf1c","first_seen":"2025-10-05T03:26:45.252384Z","last_seen":"2026-03-01T23:53:25.649653Z","times_seen":7,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/messi-topbanner-h5-Cvj50DbB.png","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:04.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/messi-topbanner-h5-Cvj50DbB.png HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-1-dark-C2PSH7do.gif","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:04.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-1-dark-C2PSH7do.gif HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:04 GMT\r\ncontent-type: image/gif\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-1699\"\r\nexpires: Sat, 07 Feb 2026 00:33:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5785,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 48 x 48","md5":"ef597b75f760d7507de575f0fb1abd41","sha1":"a3dd5b51d975904d3d473141dc63945b980df4a8","sha256":"37cd2babaf2813d93dbb32d9c6b63df4b8f4686d5027d8df766838d2ece43fb4","sha512":"c198dfd1807fab040b87adb6b5c4b5a64fa9de58855c548437a3b42eadb7948b92ee56993c5e30027277ec0eb27b299d62f8741c313b261d3e74ad94946927a6","ssdeep":"96:GOo4jDaElDmEdA3/fqtu4zuGuGuGuGuGuGuGuGu44utC/fHALh1jDaElDN:canlDmkA6u4zuGuGuGuGuGuGuGuGu446","tlshash":"bbc1852bd7196299d038a5b5aeee33032dba757f31dc2e4e97199b84fc090f670d2005","first_seen":"2025-02-17T15:24:03.157151Z","last_seen":"2026-04-01T18:41:42.9989Z","times_seen":44,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":471,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/messi-topbanner-h5-Cvj50DbB.png","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:04.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/messi-topbanner-h5-Cvj50DbB.png HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:04 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-3bf18\"\r\nexpires: Sat, 07 Feb 2026 00:33:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":245528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 542 x 542, 8-bit/color RGBA, non-interlaced","md5":"d7ba6a4cbab1c1fa0f1efcde381f1bb1","sha1":"ce4dfc031d36f2ae98e7578e6b7de0dfc2ea41d5","sha256":"b0d29a66cfcbb42d205c86767846263c976079d12c9329777d901f0ac9830351","sha512":"1adc65ccd953724d8c25a748476bec19834c17b1bb8e4f153caedc59a5e751b48e4d23f7eb0c791bc3c4398f1ba20db252a373ae6b8dea060dac708ad1324236","ssdeep":"6144:EWHq18e7sI7JvVEmZUQAflINkzE+rZF4tTi+uF1aaGPI:pHrxAvVtZyft9rDWTZ8KA","tlshash":"9e3423bdd53299e452ac81ab251b3dcc0dfccda7e0eac1463424e99da803dfb05d568e","first_seen":"2025-02-17T15:24:03.164794Z","last_seen":"2026-04-01T18:41:43.006244Z","times_seen":35,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":415,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-hbMhTL7q.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:32:59.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-hbMhTL7q.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:00 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-16d41\"\r\nexpires: Thu, 08 Jan 2026 12:33:00 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93505,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"3db0b3ab7188b5efa81f308cadd8f741","sha1":"8e48f7b532b26cf3405df26f5f44a793c72b3e71","sha256":"3370875ca3221daf8dea141f7b355542e1264a414b3ed429cd6bab60c721c359","sha512":"727f610645b199799f9672503d544eeeddd28d8e22cfb87474ec0702671ec1254b3fcc95850768c15ce7952c61d33750d8ded9543d438c352de281fe76caac06","ssdeep":"1536:B1IyNBi3MFYaQj7FCwsBlDOFIxuVox83CjeW:BvNIClDsIxuVS8yH","tlshash":"ee93f7a4aac420fc7f2ad2a6db8376d8f22cf5a2cd41dd94f00552190fd77f60553a2a","first_seen":"2025-08-06T15:13:59.361894Z","last_seen":"2026-04-01T18:41:42.99268Z","times_seen":29,"resource_available":false,"data":null}},"time_used":1046,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1046,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/i18n-CppBr66w.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/i18n-CppBr66w.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/index-CJ9wK-pf.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:01 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 98\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-62\"\r\nexpires: Thu, 08 Jan 2026 12:33:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":98,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"86cb3c0e67975eb14974ec626a72933b","sha1":"249072c8be6ff4edbcbb3c769a38886d645d3e01","sha256":"c14c820dfa408a3633189b723187c5b5ac6a4983a8ac8cc71878ddeaea0c8d95","sha512":"6405fd948eb9e1170dc47d445f1747793c77e5d2ec470ed28edb32ad1340017db9be5899f029128ba3e860f1be5e999680956f252949aca96cd4babcebbdfc2c","ssdeep":"","tlshash":"42b01246505081f7101318cce24b6c06183112a902851190111d45443fb42dad20ef18","first_seen":"2025-10-05T03:26:45.292435Z","last_seen":"2026-03-01T23:53:25.635294Z","times_seen":7,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DP49Ldot.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DP49Ldot.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-bda\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3034,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3033)","md5":"909ea3d480f8fb95c857c098e7ac223f","sha1":"8ba2e7eea615f8dbb71faf2374692cbaf1e995d9","sha256":"f0784bc6c7c5be80cc2f7a637a3c37dec63173a0c0ad31a7f3138fea5e45c514","sha512":"f4c85e1d458459d4deab9d2b40d2beda9d9264c5fd8979d191ae3ea44f89e3e52305b6d62568fda55b8c34500326a4692cd7689c961bdf1e976de7823103509b","ssdeep":"","tlshash":"f251334ef7acd5baaf1e3999b34b56ecb13c6b608c0082a7f300565c0bc3af70212215","first_seen":"2024-10-27T19:54:01.442597Z","last_seen":"2026-04-01T18:41:42.989205Z","times_seen":131,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-B5Dx_hBl.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-B5Dx_hBl.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-67a\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1658,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1657)","md5":"375e31efcdd6dcb1f5b11769b4e38768","sha1":"bedac8aedf69846900390c8665fcf49c7c8b3081","sha256":"95553c0a2fc864f3c9f14162737dc7c77133dcbac0e950bfaa6e084ac1aec085","sha512":"697583b161be6d57301050f23043f0957e62279527855969cf72791f6ce1f3f2022743e07682e17920260ddd6e58555201dbd8f9dffd1bea75b96af6b90f9feb","ssdeep":"","tlshash":"3531868ef9c69038d34bb4c0d0995051910c9b2ae969a4e4e07bdf841fac685f45cb2c","first_seen":"2025-10-05T03:26:45.266132Z","last_seen":"2026-03-01T23:53:25.653704Z","times_seen":7,"resource_available":true,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/Market-7BiP61kS.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/Market-7BiP61kS.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-75f\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1887,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1886)","md5":"855929db93dbda531898ec69969aa0c0","sha1":"e92ac319fc4a2cb5f122b9ed3646d98854369c1a","sha256":"55920acc1c3ae9bb1c83af7ca315ac298810b3f1d90bacfc9a798001703f52fc","sha512":"22e1c4ab612f5769f7a3f41c613b9d040ec47bf99019658af7ec652a0fd8fc187d9af9fbd46e82969f48ddfd9ffadf9b3db065352b8462b3551180831067b9ec","ssdeep":"","tlshash":"bc4165deec35c5f5a0ae09a495294031321e3edde212914e63bd582a37c3e6ca6cd3a4","first_seen":"2025-10-05T03:26:45.278384Z","last_seen":"2026-03-01T23:53:25.652154Z","times_seen":7,"resource_available":true,"data":null}},"time_used":581,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":581,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/use-tab-status-C1igZJLY.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/use-tab-status-C1igZJLY.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 97\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-61\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"db8a55b911c44fec1d0044bf0b639176","sha1":"93dc7e198718a4ff1a46a65238cf3a79273f08ff","sha256":"8901be184ca30a1a5fa6aebb9cc854ab6baa66765b3c4efe2f7040b9ed6da282","sha512":"712819c2fe5770e8df6efd3c436290ef0080eb04b9b61df3aaba1b78d8b68d034dca935e110b3afc076a7161805a8d9948bcfa68d4c346fe4209ad2641aebc0a","ssdeep":"","tlshash":"1cb0125f489011b508050fcd634c183583209d5ba39259f05108856423113d2f50de55","first_seen":"2025-10-05T03:26:45.273727Z","last_seen":"2026-03-01T23:53:25.654497Z","times_seen":7,"resource_available":true,"data":null}},"time_used":579,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":579,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DLFFeSmc.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DLFFeSmc.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-141b\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5147,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5146)","md5":"d82288d111fac43b5f6b03b81687209b","sha1":"d5d592120c7afbd3dfd52a749c019b120bcd6ea8","sha256":"4cc5ff9b552166db78bba4422521c30be953ce70e03f6a55d402ba2dae01bc48","sha512":"8b87c8c80011f10c6e448200cfa989dbda66d372986caa395344d3639a2de72e0feded77398bbe349db64da401528a2099143ab55e947243059345c41b1c82a1","ssdeep":"96:Eg/ozKWEXC/uWmRc+HH25DsyGYQt0pxAjXDSBVISQlI98As6s6YWtuo9:/KyCvmR1H2eyGYq0pCLDsIss6EW4o9","tlshash":"21b1c7e13090fdb7d339aacd516101d0e3ad57e03116c6ddb06f9e032659cf866fa60a","first_seen":"2025-10-05T03:26:45.272172Z","last_seen":"2026-03-01T23:53:25.65613Z","times_seen":7,"resource_available":true,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DksTEeBa.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DksTEeBa.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-714\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1812,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1811)","md5":"78824cc6dae7aeca770e05b0bcf77e05","sha1":"f406daea051dce026d76545ddce770de3d8af193","sha256":"7d3e498300e24783c5fa29cf7963a59cc91b93bed3d13225fe158e46950e79a0","sha512":"920a04c246b1aac8ab24f55532050a366e5b5d40c7798f50e99839fc2e6422b551c4bc1cab620ca331b1f74cbe163f8bbe8739f295a2eb522984e8f1f477af4e","ssdeep":"","tlshash":"353176cbb4a7c23dd33bcd5a4128482051583f8d6138c1dab6771b1cd775ad8a91a61d","first_seen":"2025-10-05T03:26:45.262783Z","last_seen":"2026-03-01T23:53:25.643315Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1039,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1039,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-D7jqPvu7.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-D7jqPvu7.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/css\r\ncontent-length: 963\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-3c3\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":963,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (962)","md5":"41310ae0aa754e74debb017495f0acc7","sha1":"30175464b46f4a36cdb95849e1f87b1a2204c022","sha256":"5f12e0f5bd4d45ab3d15e7c41e13886a1e3748ec9a1285b2c3568e16a6b1bb59","sha512":"df61eb518f08cdaee1cd97abefe7b076ce75eb1a61b03f6f0595b65774b1f42e5b3b3d89a832ad141fb08dfca2f3e4a78713b715a3005e3736bc91bfae38f305","ssdeep":"","tlshash":"79114c2aae8f8474fecd76d1f78b51dab73c22208c80c9d7b20814791683af68572129","first_seen":"2024-08-19T16:21:07.354115Z","last_seen":"2026-04-01T18:41:43.009694Z","times_seen":91,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/use-id-B41TJGAp.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/use-id-B41TJGAp.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 151\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-97\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":151,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"29a94c899922937d52401573ab3ff018","sha1":"97461dd3b0f7801eb3dbdd113071eb5fd0b3f081","sha256":"34ea1cca0f62c899054c90a803505202bed29cc2fc2781a0de9124bec554bab6","sha512":"1c608ddc102f2a5fcec0041369e3701dfb25b7b70fa3f7daed315a3a95f04860d2d1b0b88fa58af2b21e1f842f6e4be4d787721908cd3c0afdd8f081c8300fda","ssdeep":"","tlshash":"0ac02b8d74d820f02a1a0dd4e32e0b7ec13b3c10531aa9f1f1740b1b05b136643baf14","first_seen":"2025-10-05T03:26:45.295323Z","last_seen":"2026-03-01T23:53:25.650527Z","times_seen":7,"resource_available":true,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DLFFeSmc.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DLFFeSmc.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-141b\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5147,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5146)","md5":"d82288d111fac43b5f6b03b81687209b","sha1":"d5d592120c7afbd3dfd52a749c019b120bcd6ea8","sha256":"4cc5ff9b552166db78bba4422521c30be953ce70e03f6a55d402ba2dae01bc48","sha512":"8b87c8c80011f10c6e448200cfa989dbda66d372986caa395344d3639a2de72e0feded77398bbe349db64da401528a2099143ab55e947243059345c41b1c82a1","ssdeep":"96:Eg/ozKWEXC/uWmRc+HH25DsyGYQt0pxAjXDSBVISQlI98As6s6YWtuo9:/KyCvmR1H2eyGYq0pCLDsIss6EW4o9","tlshash":"21b1c7e13090fdb7d339aacd516101d0e3ad57e03116c6ddb06f9e032659cf866fa60a","first_seen":"2025-10-05T03:26:45.272172Z","last_seen":"2026-03-01T23:53:25.65613Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1035,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1035,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-CJ9wK-pf.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:32:59.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-CJ9wK-pf.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-123eeb\"\r\nexpires: Thu, 08 Jan 2026 12:33:00 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1195755,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (41625)","md5":"2e35e7100253f5dd41d7cf335cfb712a","sha1":"df97fd286107aab9a9c5cd7d21199f35de23213c","sha256":"ad5570e4f778cc5f383d8e2e3ea8ab8f6087148b5c28548514fc415f5ab2f0ba","sha512":"c591467d78bc2d63ed6aa56231e27875ad6532b6a56ec7616802bad1582d5f0b6a4c04589f1aa0950f439f3d1c2f4adfaed7e2dbd9b179f18dec7ed2bbe7875f","ssdeep":"24576:8BXr16tRcfmWUy0Mtx20hrvLK6C5no/JJAQubDpanlNGNuF1QxhOPn7WRltI7kEx:8BXr16tRcfmWUy0Mtx20hrvLK6Gno/Jx","tlshash":"9a458e6225cb1389c7f116d860263b8c6d1eea93978cdce703bede9933e1b5150d9e60","first_seen":"2026-01-08T00:33:30.934276Z","last_seen":"2026-01-08T00:33:30.934276Z","times_seen":1,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-BwgTsU__.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-BwgTsU__.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-288d\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10381,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (10380)","md5":"cbbc934c408fcbf78cc23ed4ec17369f","sha1":"4518864e3c7da44230b7ecbc90a8c8254a266351","sha256":"89107d200a89653b73edca80c19857e3f2b0ae19e26142a687cee2b78dbf4d10","sha512":"053454c7cd7eef7ef528448be7b1e2f032503942de28fa345b65af8385ec232515d10f5ba9394b3553245a574ecf046725711aa4326414c6fc3ce1cd0ead4b05","ssdeep":"192:wiEqkLXkUS1nrYQTrC3iebJc6LF/wIWAOg1a6fLDXTpkZ88VwDD5NDUWYPoC6Iz:wJqkLXhejIJR/9nTc6zDXlEwDLDUboCh","tlshash":"9422e7457444b072d77ba9c9c02849e0162d3f88b629c5e1b06e6d5927d95f0f0eef2e","first_seen":"2025-10-05T03:26:45.256944Z","last_seen":"2026-03-01T23:53:25.660215Z","times_seen":7,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/use-tab-status-C1igZJLY.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/use-tab-status-C1igZJLY.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 97\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-61\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":97,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"db8a55b911c44fec1d0044bf0b639176","sha1":"93dc7e198718a4ff1a46a65238cf3a79273f08ff","sha256":"8901be184ca30a1a5fa6aebb9cc854ab6baa66765b3c4efe2f7040b9ed6da282","sha512":"712819c2fe5770e8df6efd3c436290ef0080eb04b9b61df3aaba1b78d8b68d034dca935e110b3afc076a7161805a8d9948bcfa68d4c346fe4209ad2641aebc0a","ssdeep":"","tlshash":"1cb0125f489011b508050fcd634c183583209d5ba39259f05108856423113d2f50de55","first_seen":"2025-10-05T03:26:45.273727Z","last_seen":"2026-03-01T23:53:25.654497Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1038,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1038,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-B8W-40ne.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-B8W-40ne.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-6ed\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1773,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1772)","md5":"b1bb6d0e5a7dfa29664dff3ded6f0659","sha1":"664c35f2a37eca4d28300405bce40cbb2e378c4b","sha256":"beedc7f3f1bf251c2ade7f1a37058cafbfe7fbc0e374cbf72a09a9562b0ea53f","sha512":"4bea28d1619e6255ef1c896e3af056188fab2068c598aa8f4670828960ad6a177eb70f12ce8f2a067ddec3b8a346f9689c281c2a287dba4210df9598666435a2","ssdeep":"","tlshash":"9631159df5b294389335afe6813a9a51f10e1d8ab116f0e5d4fa0c052ac2c46a1af62c","first_seen":"2025-10-05T03:26:45.280405Z","last_seen":"2026-03-01T23:53:25.6334Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1038,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1038,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DksTEeBa.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DksTEeBa.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-714\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1812,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1811)","md5":"78824cc6dae7aeca770e05b0bcf77e05","sha1":"f406daea051dce026d76545ddce770de3d8af193","sha256":"7d3e498300e24783c5fa29cf7963a59cc91b93bed3d13225fe158e46950e79a0","sha512":"920a04c246b1aac8ab24f55532050a366e5b5d40c7798f50e99839fc2e6422b551c4bc1cab620ca331b1f74cbe163f8bbe8739f295a2eb522984e8f1f477af4e","ssdeep":"","tlshash":"353176cbb4a7c23dd33bcd5a4128482051583f8d6138c1dab6771b1cd775ad8a91a61d","first_seen":"2025-10-05T03:26:45.262783Z","last_seen":"2026-03-01T23:53:25.643315Z","times_seen":7,"resource_available":true,"data":null}},"time_used":581,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":581,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-08T00:32:58.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:32:59 GMT\r\ncontent-type: text/html\r\ncontent-length: 550\r\nlast-modified: Thu, 02 Oct 2025 07:58:23 GMT\r\netag: \"68de309f-226\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":550,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"9024599003048071bd24201da4e426f5","sha1":"cea623479e35db6a8f17954521b8c08f945b66d3","sha256":"bee26ca7ecb0cb26905198b769ea27ad1563529667d038784055e0102eb21d08","sha512":"40033c129eba982080a02ffb5a52b89e594ab9f8d47889d119febd82feb1de454d1800a9532559a144446994867a8c5880cc78487f5528d7362b8ae993bd7c1d","ssdeep":"","tlshash":"0ff0c087c8f0cd0e51104b546ee1f6085e87d6574b098c4535da907c8fc47c6cd9f96c","first_seen":"2025-10-05T03:26:45.28239Z","last_seen":"2026-03-01T23:53:25.629842Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1679,"timings":{"blocked":545,"dns":13,"connect":260,"send":0,"wait":588,"receive":1,"ssl":269},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-BFldImpd.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-BFldImpd.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-549\"\r\nexpires: Thu, 08 Jan 2026 12:33:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1353,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1352)","md5":"47eca8094b0571ef5429f0b8b75b90a2","sha1":"79f3ec8023d3944090043a9f30915c48592c537e","sha256":"d365937f9217242c8966e985403b568d8e833be8bb158f2ad9f34290ba8ad14d","sha512":"5711cb8179e0d5adc59a206d3a70f985644eff50984213fc35888e1863691681d86c730237f49c87e1a5b4d76efb3994e93af12578a005e91a4f9a5e2d3b3c8a","ssdeep":"","tlshash":"3821ce35a978993f6f1271251bda06da702eb768cc20f6a5f624a2d009c73fd1633313","first_seen":"2025-04-17T21:25:00.09228Z","last_seen":"2026-04-01T18:41:42.994737Z","times_seen":74,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-CtKl_1Of.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-CtKl_1Of.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-cb1\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3249,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3248)","md5":"398ec457b51f2bf61c650c8604f9382b","sha1":"5caf5cc099c0142118feb7516d55bf4da8f7e6a4","sha256":"743f387ac9c3585e37c3337cbd49dfa41b8d49b6e8f3b6ce96d0ae5c79420cce","sha512":"0a322088a6ac185df8fcc0fd17d34af8e1e0a44bbb2b178942db48a8fbd9f77d777a778dd1701acdc3b4f8821b1dc0153a7cec5835c6bbfabf970e29ee0a2ac9","ssdeep":"","tlshash":"f061ab36a370a17b9f02f67dbb5a6adcf128e7714d01b3a5b281201888c7bfc1532917","first_seen":"2025-04-17T21:25:00.131083Z","last_seen":"2026-04-01T18:41:42.991081Z","times_seen":67,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":590,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/home-EpH2PIe-.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/home-EpH2PIe-.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-1db2\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7602,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (7601)","md5":"74b2b74f8cfc41495107a110b87487de","sha1":"78398c69429ffd37b616335b39cad8bb38ad6ee1","sha256":"1903259aa633d59d6cf3760639edf1a591eecddf4f20043505d05a8fb99461d0","sha512":"997168e4c8d40f04ff6569112efc846303a45d59fc9ea5020dfc14a0184085062d65ba734005581e9c6d32b3c42e6e805fb38404260e500a02e26a6cc7e9cac1","ssdeep":"192:8gjeMsCejH1nqexr7x9TkTdqtWr3FxAH4pEdU9D:XSdVqjRqMr7P","tlshash":"6af1d8097066db7fad2351dc28560840b10c2baed2b9d761b2fc1e212bd1df8935db1d","first_seen":"2025-10-05T03:26:45.300712Z","last_seen":"2026-03-01T23:53:25.638018Z","times_seen":7,"resource_available":true,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DS2CRakW.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DS2CRakW.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-70f\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1807,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1806)","md5":"7153a8d3fe890ad9f2ae794932f2c883","sha1":"d6d4ec295d38184ed62075e021c17bc82b319377","sha256":"0619f593671afbeb3758182eeda4bb8a3db06ff73e3ba2f7e9b32788be6f5c44","sha512":"5fdb51bfba0e935b3a687290e0440f994d05d173f12b6da11d0f7241a815fe8c496d07253d8499f89d2b7d19dc830bc34d6e8ceaacd4cb277256678a14695b14","ssdeep":"","tlshash":"b1318782f4d72939a376dc95c0980560823c0945f904dfd6f17e5c1a27591c1bb5ef48","first_seen":"2025-10-05T03:26:45.270924Z","last_seen":"2026-03-01T23:53:25.63223Z","times_seen":7,"resource_available":true,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/LOGO.png","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:02.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /LOGO.png HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/html\r\ncontent-length: 138\r\netag: \"68ff1f34-8a\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-04-05T07:48:04.486932Z","times_seen":245214,"resource_available":true,"data":null}},"time_used":520,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DS2CRakW.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DS2CRakW.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-70f\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1807,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1806)","md5":"7153a8d3fe890ad9f2ae794932f2c883","sha1":"d6d4ec295d38184ed62075e021c17bc82b319377","sha256":"0619f593671afbeb3758182eeda4bb8a3db06ff73e3ba2f7e9b32788be6f5c44","sha512":"5fdb51bfba0e935b3a687290e0440f994d05d173f12b6da11d0f7241a815fe8c496d07253d8499f89d2b7d19dc830bc34d6e8ceaacd4cb277256678a14695b14","ssdeep":"","tlshash":"b1318782f4d72939a376dc95c0980560823c0945f904dfd6f17e5c1a27591c1bb5ef48","first_seen":"2025-10-05T03:26:45.270924Z","last_seen":"2026-03-01T23:53:25.63223Z","times_seen":7,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DRgSoRHP.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DRgSoRHP.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-48f\"\r\nexpires: Thu, 08 Jan 2026 12:33:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1167,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1166)","md5":"06b93771602fedbaaeca00f18811caf7","sha1":"884cb958a064be2e09641de107de8d421324f58f","sha256":"09ccac2b7d89c874fa7e4c18fb8dbd51d7bab4e6cab1dd3df45917ccf7d02dad","sha512":"fe6b29c63bf0964dc93bb052b0a588aaa4345384ce62cfb723813cb9a4b77912f16fcaabcc8c41c7f6055819634130b483de286cd47ff5380d58249ed7e27cf2","ssdeep":"","tlshash":"4d21e7497ee1d2ff3f6aa624365f96c464380e524fd0c754bd00516098cf9723a32385","first_seen":"2025-04-17T21:25:00.075831Z","last_seen":"2026-04-01T18:41:43.008222Z","times_seen":116,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-Bnf9T1WO.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-Bnf9T1WO.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-5b4\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1460,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1459)","md5":"a5ad60e380de61c59849136f8398c476","sha1":"aeaada0efa549c4a91a708805afe09857ea59d32","sha256":"5629077e0b1c21ca5e879138d6bc2915534c702cc6ece5fd030b9c404ef370a0","sha512":"5df1e4edaf8652bd993df715dbbc0f0d964424954c5af347d989cc61af517d7ad332fd1a4501a05a5c8788df4d89f68bef9e6b77e66180d86e025630358830bf","ssdeep":"","tlshash":"8231e139f6e0a6386f3d757497d65dc8e73e90108d328158fd62e024c8cb2b20272ae9","first_seen":"2025-04-17T21:25:00.123685Z","last_seen":"2026-04-01T18:41:42.970242Z","times_seen":83,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/home-CqSygSjy.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/home-CqSygSjy.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-75d\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1885,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1884)","md5":"2d70f94af5fe21ed3315925014996486","sha1":"7361d559a245bc104356c82904352bc99f18efda","sha256":"d09b0823add8092fbf82ce5b3075d644226a1049a5f3bc6e09521c033533268b","sha512":"cb96613b0909773177f584899e9572ebc91522ff44f9ccfd79cf603106fa6df0ee48dfce8c89c8c29497bed7b2d584079cabec8c8ec900e98422b0540212497d","ssdeep":"","tlshash":"bc411f75685c8078ef23a075338a35c9713cb2b4bd69ca5db01b609cebf76b90e23610","first_seen":"2025-08-06T15:13:59.412673Z","last_seen":"2026-04-01T18:41:43.008761Z","times_seen":29,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-B8W-40ne.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-B8W-40ne.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-6ed\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1773,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1772)","md5":"b1bb6d0e5a7dfa29664dff3ded6f0659","sha1":"664c35f2a37eca4d28300405bce40cbb2e378c4b","sha256":"beedc7f3f1bf251c2ade7f1a37058cafbfe7fbc0e374cbf72a09a9562b0ea53f","sha512":"4bea28d1619e6255ef1c896e3af056188fab2068c598aa8f4670828960ad6a177eb70f12ce8f2a067ddec3b8a346f9689c281c2a287dba4210df9598666435a2","ssdeep":"","tlshash":"9631159df5b294389335afe6813a9a51f10e1d8ab116f0e5d4fa0c052ac2c46a1af62c","first_seen":"2025-10-05T03:26:45.280405Z","last_seen":"2026-03-01T23:53:25.6334Z","times_seen":7,"resource_available":true,"data":null}},"time_used":579,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":579,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.coinacb.com/api/site/getsite","fqdn":"api.coinacb.com","domain":"coinacb.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:02.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.coinacb.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 13:45:50 GMT","end":"Sat, 14 Mar 2026 13:45:49 GMT"},"fingerprint":{"sha1":"C0:37:B3:92:CC:27:43:27:2E:DD:E4:BD:30:50:E8:03:2E:83:C5:C8","sha256":"32:6D:41:AB:DB:70:EF:21:C2:05:35:02:C3:3C:70:01:98:1C:55:9A:3C:65:77:46:54:C4:E7:DD:50:4B:84:ED"}}},"request":{"raw":"GET /api/site/getsite HTTP/1.1\r\nHost: api.coinacb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kucoinkh.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, userid\r\naccess-control-allow-origin: https://kucoinkh.com\r\nset-cookie: PHPSESSID=b5584fb042e8e1d7d9f950c9bb7cb682; expires=Thu, 08-Jan-2026 00:57:03 GMT; Max-Age=1440; path=/; secure; HttpOnly\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":315,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5efcb37347f12eec8beafb177b5f4e19","sha1":"26d47604f1a9ea87e8249c15106762eca2fd2384","sha256":"21576dcf8b8aa95dfa46c643c0ea6d1a06d9c8722f9143566690c8b6d1564979","sha512":"d8b9ba06b3f11672a98e748e6b28eaa84c8beeac811a0c99a446765a7382e7cb5a48ae49751b1226e2c281ee0b2dd3e60e5ee4d6e9e84bc4d2344aeedeab879a","ssdeep":"","tlshash":"15e07d59c2b974735a14618249af8109c6ed9382184b236877bc5f91829cbb7d905858","first_seen":"2025-10-05T03:26:45.29783Z","last_seen":"2026-03-01T23:53:25.651319Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2032,"timings":{"blocked":847,"dns":319,"connect":259,"send":0,"wait":336,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/home-EpH2PIe-.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:02.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/home-EpH2PIe-.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/index-CJ9wK-pf.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-1db2\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7602,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (7601)","md5":"74b2b74f8cfc41495107a110b87487de","sha1":"78398c69429ffd37b616335b39cad8bb38ad6ee1","sha256":"1903259aa633d59d6cf3760639edf1a591eecddf4f20043505d05a8fb99461d0","sha512":"997168e4c8d40f04ff6569112efc846303a45d59fc9ea5020dfc14a0184085062d65ba734005581e9c6d32b3c42e6e805fb38404260e500a02e26a6cc7e9cac1","ssdeep":"192:8gjeMsCejH1nqexr7x9TkTdqtWr3FxAH4pEdU9D:XSdVqjRqMr7P","tlshash":"6af1d8097066db7fad2351dc28560840b10c2baed2b9d761b2fc1e212bd1df8935db1d","first_seen":"2025-10-05T03:26:45.300712Z","last_seen":"2026-03-01T23:53:25.638018Z","times_seen":7,"resource_available":true,"data":null}},"time_used":715,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":715,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"chat.hqcq668.com/","fqdn":"chat.hqcq668.com","domain":"hqcq668.com","tld":"com"},"ip":{"addr":"154.86.0.20","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:02.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chat.hqcq668.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 05:25:13 GMT","end":"Sat, 14 Mar 2026 05:25:12 GMT"},"fingerprint":{"sha1":"43:14:5C:00:DE:45:0B:86:B6:3E:32:01:6C:77:37:55:DA:7C:12:60","sha256":"D6:74:2E:09:EE:30:90:89:36:40:39:74:0F:9D:92:1B:D2:F3:E3:2F:AC:D4:B9:9A:C4:40:E2:BF:DB:E1:96:A4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: chat.hqcq668.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://kucoinkh.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: a6C36YXemC0WNljYNSp5cA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Thu, 08 Jan 2026 00:33:03 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: I9WQcLxHdK2mjFQMfw96W0pDikQ=\r\nSet-Cookie: SITE_TOTAL_ID=ae62ceaf977cdc320d4607e290ce6f3b; Path=/; Max-Age=259200000; HttpOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2412,"timings":{"blocked":-1,"dns":833,"connect":1078,"send":0,"wait":246,"receive":0,"ssl":1059},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-CK-9Vv9G.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-CK-9Vv9G.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-7da\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2010,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2009)","md5":"e2ac33d54b92eef99249057549536f89","sha1":"721202735b0744ac7c0916a37c15973a9b391180","sha256":"83d646ab9925daef4514c4bd27f0baea6c903a27557b555c37ff59d9e6306c88","sha512":"589048a45fdf8171fc97bcd8e24504a7b9f76dd85afbe510066939e9bd8665be42b37f8646e9d750973ee5de9754bb8987c3004d90f5ba0dacffbb7e8b4d03bb","ssdeep":"","tlshash":"bf4192c874aceebc9376b5c455184c19c9052b5f7173c4e2e26a78124beae80fd36a98","first_seen":"2025-10-05T03:26:45.264378Z","last_seen":"2026-03-01T23:53:25.652931Z","times_seen":7,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-DYQdpHvT.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-DYQdpHvT.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-a86\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2694,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2693)","md5":"3f28253ee7f3d1cb19aeafad1111187f","sha1":"3130fac7725b7f6a5fff4a7c9df18a1067aa012e","sha256":"02bc3b1cad3d4bb9b0160135e6b16eb62133091d879c8d0d0a5b4ea831149626","sha512":"d07d7a8607add532475e31995dc647464951961675fbe74b8f202ce19ae29023272d997a3f873542094654e4e0e4a5fbcea3dcf88f602e8bb4ab9e162260c329","ssdeep":"","tlshash":"6051b3424892279d4693863e3198f3c8e07e74e33bb7dddaa1498dc1ac9b67509a3c53","first_seen":"2023-05-21T08:34:57Z","last_seen":"2026-04-01T18:41:43.004504Z","times_seen":175,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-CQ0jj5mE.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-CQ0jj5mE.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-633\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1587,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1586)","md5":"4bc5777c04875c84c1e31fc89065d4fe","sha1":"0303ac9cdec1d72a1dac191b7c56f1afde2d6ed9","sha256":"9b63b805907cf76717a81e19b4316475a7296d566b7a315321fee3b1aa17861b","sha512":"a24a539e7428c174fe9398dedfaf0e376a7eddd7d0705404d24a909be6e361d53bbceabf798a027751266ee960af93c40cfd7cb042b0de7cae913cf0f92b31d9","ssdeep":"","tlshash":"78310735ec905877dd227124b6e165c8a03cf1717ea1899a712d7918cbaf6f4071b20b","first_seen":"2025-04-17T21:25:00.101735Z","last_seen":"2026-04-01T18:41:42.986008Z","times_seen":116,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-B5Dx_hBl.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:03.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-B5Dx_hBl.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/home-EpH2PIe-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-67a\"\r\nexpires: Thu, 08 Jan 2026 12:33:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1658,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1657)","md5":"375e31efcdd6dcb1f5b11769b4e38768","sha1":"bedac8aedf69846900390c8665fcf49c7c8b3081","sha256":"95553c0a2fc864f3c9f14162737dc7c77133dcbac0e950bfaa6e084ac1aec085","sha512":"697583b161be6d57301050f23043f0957e62279527855969cf72791f6ce1f3f2022743e07682e17920260ddd6e58555201dbd8f9dffd1bea75b96af6b90f9feb","ssdeep":"","tlshash":"3531868ef9c69038d34bb4c0d0995051910c9b2ae969a4e4e07bdf841fac685f45cb2c","first_seen":"2025-10-05T03:26:45.266132Z","last_seen":"2026-03-01T23:53:25.653704Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1043,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/utils-DTpBcXvA.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/utils-DTpBcXvA.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/index/index-CJ9wK-pf.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:01 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 209\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-d1\"\r\nexpires: Thu, 08 Jan 2026 12:33:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":209,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"968a23a0745e12d0500aaa4b8d85d5a8","sha1":"fb5a659e5a8f1b4ae254287e6eec7c443740dc1c","sha256":"2cd2736c0cf946e6fae4be179068c553cda6e5178a3afb6a28e402e878ecc2cb","sha512":"8a43e0e531afbecb3ef944b366138d1062166098605645f651c03054ff2dbed7b1c0d86ada6ba615ef45f7c3558951ada742128b36c3df0c1f7845b984865f5f","ssdeep":"","tlshash":"c0d022820490a1b292a40dd8a83568496831ab3c422da4caab5a82880ac16a6059ce6d","first_seen":"2025-10-05T03:26:45.307127Z","last_seen":"2026-03-01T23:53:25.661044Z","times_seen":7,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-D8G52Pc0.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-D8G52Pc0.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"682899a6-791\"\r\nexpires: Thu, 08 Jan 2026 12:33:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1937,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1936)","md5":"8bcea6122f4da3a390e585a9cb955364","sha1":"5893fbd2b4bcf471737e4191cc04c2d28bfb0b17","sha256":"fd42d3f7845b3e4e864d1824382953519bea03bd4b8f249ba6e8b0ed6fccd74c","sha512":"a58954ada7927f6c872feb176f7ef01eaf3ab24e0165d18a458117bccbe4bf058d777ddca5147cd16d2bd25cf9d83bcff5232de3c924490db6766944d00f1593","ssdeep":"","tlshash":"7041d4726594713dff06f0e4936776d8a238f423d902c19ab30453188ac7ff566b226e","first_seen":"2025-04-17T21:25:00.096293Z","last_seen":"2026-04-01T18:41:42.983374Z","times_seen":74,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-CCa8FFJF.css","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-CCa8FFJF.css HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kucoinkh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: text/css\r\ncontent-length: 562\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-232\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":562,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (561)","md5":"400218fe243bf189827dff67121ead69","sha1":"0b30978e1e2c1f9750d857ec50dd5ceffbbaa3d5","sha256":"c23222dbca6ec0262b1025d434748c09445bfd8a5c369f174aa84ddc3f2f83ce","sha512":"79dfe7fc04b4b8f2b142053caf8f0af415d0ce8f8a2dc6dcb5335c668e13c1a82055bc0b86a0d0bd10fb56f8b5c51582e2b9d72e6ba0ec155368513e8ea425c7","ssdeep":"","tlshash":"99f087c66274e5387ed4307b2319b4e4a46ce88b8a22c5b5b2d382058cc35f22f20215","first_seen":"2024-08-19T20:20:38.836335Z","last_seen":"2026-04-01T18:41:42.990109Z","times_seen":102,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinkh.com/index/index-p3wv2Zlh.js","fqdn":"kucoinkh.com","domain":"kucoinkh.com","tld":"com"},"ip":{"addr":"207.56.10.211","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kucoinkh.com/","date":"2026-01-08T00:33:01.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.difius.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:25:37 GMT","end":"Tue, 31 Mar 2026 00:25:36 GMT"},"fingerprint":{"sha1":"55:FB:DE:6B:C8:16:E1:B0:13:5A:E0:F6:21:4D:BE:D7:CF:DE:E8:1D","sha256":"1B:C3:0B:28:3D:34:6C:88:2B:A2:18:77:FF:17:03:83:59:A5:7A:99:D0:07:18:AC:26:1F:9F:8B:BF:2E:15:CC"}}},"request":{"raw":"GET /index/index-p3wv2Zlh.js HTTP/1.1\r\nHost: kucoinkh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kucoinkh.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 00:33:02 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 530\r\nlast-modified: Sat, 17 May 2025 14:13:58 GMT\r\netag: \"682899a6-212\"\r\nexpires: Thu, 08 Jan 2026 12:33:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":530,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (529)","md5":"0e4edebd80ea1f3f0bd212c7ba048eef","sha1":"386fd01695fb9f7612f2192df1e50a86a2d49171","sha256":"9fb61d179732903febb26be439df690591ce8436905be5bd3a9696a2e0d6241a","sha512":"8df790536fa6e177bc27ea81202193582ad7283eeac06da52d99fe834f2093f1fd013f45c6676238fb04f8a2a327abdb5c5c8a41b09ecb2c2b1e3b3961c4d901","ssdeep":"","tlshash":"8af09eee99d1e971b5553b44adae0c0653188506b190d861d88dc5d877c00d4f7be63c","first_seen":"2025-10-05T03:26:45.26954Z","last_seen":"2026-03-01T23:53:25.642459Z","times_seen":7,"resource_available":true,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-08","alert":"Phishing Block","trigger":"kucoinkh.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"kucoinkh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}