{"report_id":"63682687-b860-4686-b752-8e4d4cb593ad","version":0,"status":"done","tags":[],"date":"2026-06-28T21:40:23Z","url":{"schema":"https","addr":"aml-sumsub.com/chains.html","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"aml-sumsub.com/chains.html","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"title":"Crypto AML Check | Sumsub","dom":{"size":13742,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2513)","md5":"04ff23a4803e1d685b7c45ea1c6b4eb0","sha1":"b6d9ad94728e993ba1c8a44e89de5028a3983b36","sha256":"6861c8d2e414d144614defffc81c799bf4fc0b2a98e5d85e1962dd422e900f25","sha512":"81e406e77ab230147aafd4e7358166e36224488bccf91a179af92e059fc73d9bf4c11e9c7990098884e98998b3f11cffaf6d8b334bdff9bd548e1b0cb5eaa719","ssdeep":"192:PqhO6fFMYP7qy8yRaBqcafv92cfrDYBDhP88TLVyEwroe9Qvv:yhOeMQ24iVdv","tlshash":"ec52c7519de560b3316301b977aaaf0d7a92d10b930ad9b0f6dc15808fd6d3ace632d8","dom_hash":"domhash9aae35b3202dd50a6314d4ec9049d3d6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"aml-sumsub.com/chains.html","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T21:40:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"aml-sumsub.com","ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-08","domain_rank":0,"first_seen":"2026-06-28T21:35:14.603874Z","last_seen":"2026-06-28T21:35:14.603874Z","alert_count":28,"request_count":14,"received_data":160943,"sent_data":7139,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":499,"first_seen":"2013-12-18T13:14:30Z","last_seen":"2026-06-25T00:52:46.466897Z","alert_count":0,"request_count":2,"received_data":233344,"sent_data":943,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-21T22:19:08.810882Z","alert_count":0,"request_count":1,"received_data":49345,"sent_data":558,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-21T22:22:12.048317Z","alert_count":0,"request_count":1,"received_data":3239,"sent_data":523,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"aml-sumsub.com/chains.html","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f01a31a4d264107f835c9c6692626e7b","sha1":"f837d157f3666bad6c3dbc517e775edc0b18308e","sha256":"661c9377224ae0bfcf3a0de3c48020c0d61728a3533402a05da5660c99b08005","sha512":"b194afcd900740b4ecbccbf1baed2a3ada9a9c523c3fb09a1d57ca87474275ff1af94400340262dd86b97c8a1595f28118a6783972b9b68b2d06d67c9c5a5e01","ssdeep":"","tlshash":"4b61bc975ca7507341a2303e4bafd2047373c46f128adfb17e9c52106fa0526577aae4","size":3194,"data":"","first_seen":"2026-06-28T21:40:25.112875Z","last_seen":"2026-06-28T21:40:25.112875Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/chains.html","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"368eaa159e492e84846833dd86a2472c","sha1":"51028338f9449817d893eb0de678c7a6d5da836f","sha256":"e6635ee4051a40e39fc40170338387ceeec4538fa51b01940a873540c71ee840","sha512":"26085e9227737f7085bec8a4c99002bc62e57561a6e5dce5941b2ea66146502b559b0357cb49a4a4afa7723b77488fbd406733ffacd395a43014cedac14862a1","ssdeep":"","tlshash":"a821f456998b22b714d3202a035df2003767c8ff13ced6607a9c4b019fb4124d33e6e6","size":1202,"data":"","first_seen":"2026-06-28T21:40:25.113721Z","last_seen":"2026-06-28T21:40:25.113721Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"e327f60ff0d85c31034e21c908154d57","sha1":"d83f8a3062b70f51147c1501891b4523db34674a","sha256":"bcc5e1ca219fbea9498e826e0f5648603582c7988ec8c3ce0b85c86a9eb6299c","sha512":"fb1a2abec070c64dcda00d503093d2d1d2c30cb2a0bba78bfd2fe117e7eb159079216370e560d13dbed2f614b1e9cf7a127bff4685a8f3cdda7b02009296dce9","ssdeep":"1536:pOpTpRdoKd4F0WN2ZbBcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV7p/xHK8ITq:spTpRdfcKFU7Rx1v","tlshash":"aab33e4d6cb3612285b3b1bf8b5f925172719883301def20794d9b646f80e7c53eaad8","size":116341,"data":"","first_seen":"2026-04-05T10:46:58.564832Z","last_seen":"2026-06-30T06:15:01.69591Z","times_seen":2242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/js/chains.js","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"64ff000ffb09173e6dfc08ad6258c650","sha1":"d4873580eaea5dea33848c8526b373f302a513d6","sha256":"907ac9bc162752a4cf571ea6690118bd751f5de49e44fb43f8863e217a4cd6c4","sha512":"0d1b4e1b56fbd9d0d01e9c639fcdec343351bda24b11c117065e01b4f4590be276d1809578f9169bd4045acb12f915d850a9c2152fb9a4ba6abb9084ea4c0ad8","ssdeep":"","tlshash":"38413245466a117b08e32079978bf704bf5388bb63ca9ab13a4d47092fe4524e37d7c5","size":2296,"data":"","first_seen":"2026-06-28T21:40:25.105988Z","last_seen":"2026-06-28T21:40:25.105988Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_set_header_colormap[actor:server1.conn0.watcher16.process7//obj21 class:Object extensible:true frozen:false isError:false ownPropertyLength:1 preview:map[kind:Object ownProperties:map[color_key:map[configurable:true enumerable:true value:bg_color writable:true]] ownPropertiesLength:1] sealed:false type:object]","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_set_bottom_bar_colormap[actor:server1.conn0.watcher16.process7//obj22 class:Object extensible:true frozen:false isError:false ownPropertyLength:1 preview:map[kind:Object ownProperties:map[color:map[configurable:true enumerable:true value:#ffffff writable:true]] ownPropertiesLength:1] sealed:false type:object]","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_theme","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_viewport","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_safe_area","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_content_safe_area","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_set_header_colormap[actor:server1.conn0.watcher16.process7//obj26 class:Object extensible:true frozen:false isError:false ownPropertyLength:1 preview:map[kind:Object ownProperties:map[color_key:map[configurable:true enumerable:true value:bg_color writable:true]] ownPropertiesLength:1] sealed:false type:object]","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_set_bottom_bar_colormap[actor:server1.conn0.watcher16.process7//obj27 class:Object extensible:true frozen:false isError:false ownPropertyLength:1 preview:map[kind:Object ownProperties:map[color:map[configurable:true enumerable:true value:#ffffff writable:true]] ownPropertiesLength:1] sealed:false type:object]","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_theme","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_viewport","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_safe_area","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13},{"level":"log","text":"[Telegram.WebView] \u003e postEventweb_app_request_content_safe_area","filename":"https://telegram.org/js/telegram-web-app.js","line_number":135,"column_number":13}]},"http":[{"url":{"schema":"https","addr":"aml-sumsub.com/source/icons/tron.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.197Z","timestamp":1782682792197,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/icons/tron.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 10 May 2026 05:20:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0015a4-773\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 439\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lFHtDr%2FEfG9d9SkL9anFaXboN8rjqC0vjzXNpTO%2BRzlaoEAx67r8h4WxdAXJqe2UGZeQ4glDsvlydJv08bf1BJ2HolwAgAyN%2BPIbr3pozncIyHHKdWUMWpD%2BmWYbauDWJQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a12fd8bb3bc1b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1907,"size_decoded":1735,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a7543398d0f5204d9daadd82aa684431","sha1":"ce33639458fd7d6ba81b8423f89f8b3b6ac2923c","sha256":"3597a4b2a23ced0837b1b8df92856c24f8ee79fd9ca5f15220f348e299510584","sha512":"ee50e34882e6cdba0128da79f3932cb4e2d5f5d9d57792e329a64bc2bcf7bd577a811bb62e11bdd5c783ee34ff5d8adaf490241d36a88acb4302706bdc09a79e","ssdeep":"","tlshash":"f641ed68c304c374ed52c3bc8f3968b4244e558f91e1f74947a086a0b2e50eda38ccca","first_seen":"2026-06-28T21:40:25.093754Z","last_seen":"2026-06-28T21:40:25.093754Z","times_seen":1,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/images/iso1.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.201Z","timestamp":1782682792201,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/images/iso1.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 10 May 2026 05:20:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a001584-4cdd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 438\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HgVQuOMQVh8iOeG6SZ6VqTr5qcEpNwtNyfKxyo0ebxIbS3T9ismfiH%2B8lWHlnivL0Ind7wzfPpNa6UgajRi64r04NXf%2BlHP9ozmLWdnx9sJjNvworQJDgCOUmyxxgbkWng%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a12fd8bb4bc4b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19677,"size_decoded":9270,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8c28f4bd77984f2c06acbc445f1682f4","sha1":"03a9804194719fd78dcff292d11f84122e4c2854","sha256":"eb4dd200961b89839c60364b7dc9bdc5607fd8573554d35ea277ed40af6ecb65","sha512":"2e83c1452c6ef94c0b654e7137d5de22d23f9d68b68ec06e7c736ea5d737df4dd791a17fcccb0dd218bd27687726f25ca87acc137fde9500db6a16fe819a02e4","ssdeep":"384:d2an7eUPM0UOJApWQn5WINHcaeH/kWmydydYtow20Wen6:oan7dbhAX5WIN8a9W7dMYt1Wp","tlshash":"6292a39833bae3f8f001f3f8c62664a9bf5e28d5b741d5b4c7912d12a44306dec958d2","first_seen":"2025-07-16T16:35:39.213828Z","last_seen":"2026-06-28T23:03:28.397906Z","times_seen":46,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/images/star-half.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.206Z","timestamp":1782682792206,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/images/star-half.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZozYAL1og1Xsi3WFW8o3ujOZb4XhOJ7gsMbJC0oN1JQVrJCnPjLowryx6LCJfira0TQ0MDTbplqtbZMfZJZRXQELgqm4sumsRG%2Bw5fLiPN3zVQfp8aqE4Q3iqKL%2FEl%2Fp8A%3D%3D\"}]}\r\nlast-modified: Sun, 10 May 2026 05:20:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\npriority: u=5,i\r\nage: 438\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a00158a-2fb\"\r\ncf-ray: a12fd8bb4bc9b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":763,"size_decoded":1077,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"499096df14d2a2b5988b7330ca6275f4","sha1":"cb5c67c283a83d13c8d3b7a5545abcad65150fd4","sha256":"c0bc7abb8048da00ecfea46524054f32cefec47d8d635dc84651020b40d7be3a","sha512":"27e00835975e2f0a84682a17a37e4ae0ee90f2fc21d1b5b0ab18c05ecfc2cb1c3fca01796664a9511bec726edcf7c866acd933867ccb95383d8855f93e5e8c5c","ssdeep":"","tlshash":"05017db611dfade491289394157c178ab2b3b0cef1d40459f5ceb0cfab121d85ad70d9","first_seen":"2026-06-28T21:40:25.095525Z","last_seen":"2026-06-28T21:40:25.095525Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.351Z","timestamp":1782682792351,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Mon, 11 Aug 2025 13:36:48 GMT","end":"Sat, 12 Sep 2026 13:36:48 GMT"},"fingerprint":{"sha1":"85:08:98:2F:A3:60:90:21:E8:78:21:C8:A4:96:E1:A2:E6:9D:2C:64","sha256":"49:35:FF:BC:17:D1:E9:B3:15:37:E4:67:C2:3A:A0:69:6C:37:DC:52:3F:7C:02:D6:30:C4:6E:45:7C:CA:F0:D2"}}},"request":{"raw":"GET /js/telegram-web-app.js HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.30.1\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 05 Apr 2026 10:29:48 GMT\r\netag: W/\"69d2399c-1c675\"\r\nexpires: Thu, 02 Jul 2026 21:39:52 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116341,"size_decoded":24021,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (768)","md5":"e327f60ff0d85c31034e21c908154d57","sha1":"d83f8a3062b70f51147c1501891b4523db34674a","sha256":"bcc5e1ca219fbea9498e826e0f5648603582c7988ec8c3ce0b85c86a9eb6299c","sha512":"fb1a2abec070c64dcda00d503093d2d1d2c30cb2a0bba78bfd2fe117e7eb159079216370e560d13dbed2f614b1e9cf7a127bff4685a8f3cdda7b02009296dce9","ssdeep":"1536:pOpTpRdoKd4F0WN2ZbBcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV7p/xHK8ITq:spTpRdfcKFU7Rx1v","tlshash":"aab33e4d6cb3612285b3b1bf8b5f925172719883301def20794d9b646f80e7c53eaad8","first_seen":"2026-04-05T10:46:58.564832Z","last_seen":"2026-06-30T06:15:01.69591Z","times_seen":2242,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-web-app.js","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.179Z","timestamp":1782682792179,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Mon, 11 Aug 2025 13:36:48 GMT","end":"Sat, 12 Sep 2026 13:36:48 GMT"},"fingerprint":{"sha1":"85:08:98:2F:A3:60:90:21:E8:78:21:C8:A4:96:E1:A2:E6:9D:2C:64","sha256":"49:35:FF:BC:17:D1:E9:B3:15:37:E4:67:C2:3A:A0:69:6C:37:DC:52:3F:7C:02:D6:30:C4:6E:45:7C:CA:F0:D2"}}},"request":{"raw":"GET /js/telegram-web-app.js HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.30.1\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 05 Apr 2026 10:29:48 GMT\r\netag: W/\"69d2399c-1c675\"\r\nexpires: Thu, 02 Jul 2026 21:39:52 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116341,"size_decoded":24021,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (768)","md5":"e327f60ff0d85c31034e21c908154d57","sha1":"d83f8a3062b70f51147c1501891b4523db34674a","sha256":"bcc5e1ca219fbea9498e826e0f5648603582c7988ec8c3ce0b85c86a9eb6299c","sha512":"fb1a2abec070c64dcda00d503093d2d1d2c30cb2a0bba78bfd2fe117e7eb159079216370e560d13dbed2f614b1e9cf7a127bff4685a8f3cdda7b02009296dce9","ssdeep":"1536:pOpTpRdoKd4F0WN2ZbBcn9cF9KTfVjLo03ueLE+wFFz1NIVIB/MGYV7p/xHK8ITq:spTpRdfcKFU7Rx1v","tlshash":"aab33e4d6cb3612285b3b1bf8b5f925172719883301def20794d9b646f80e7c53eaad8","first_seen":"2026-04-05T10:46:58.564832Z","last_seen":"2026-06-30T06:15:01.69591Z","times_seen":2242,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":2,"connect":22,"send":0,"wait":22,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/icons/evm.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.198Z","timestamp":1782682792198,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/icons/evm.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=khsnoC46EXUOGgdqbUoOSWI4TUIgHzF3gBK4C6lVSMs6dQ4gnVvFvucS%2BAS1A0sAIDp2oHqxPVEtH66GLONat%2FHO%2BYD48258eJUlFqVz6nKUPB8%2FJL0UZE74k3y3Eo0TOg%3D%3D\"}]}\r\nlast-modified: Sun, 10 May 2026 05:20:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\npriority: u=5,i\r\nage: 438\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a0015b9-228\"\r\ncf-ray: a12fd8bb3bc2b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":552,"size_decoded":1036,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a9709f9ab6882dd47797909ae7dde371","sha1":"15e212d45efd37691d88879d5ca38f1397c1d101","sha256":"e81b1da77035c3e814c9319a1e28d5b1556e9d6a7e2a7a35ff2ef9cd94bf6afd","sha512":"46ff1b8ae40fca1cf813ef8972a42bccdd13267ab91be941d3c523ad0ee39fb63446ae1616571ee13169804eb2fbba9681860a437769315417b93e25ed1df9ba","ssdeep":"","tlshash":"f0f046e959287454a82b1ffcda6c98e3316771f80b3d08e9b1801602e98995facd2b84","first_seen":"2023-08-27T23:32:58Z","last_seen":"2026-06-28T23:09:31.019865Z","times_seen":146,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/images/logo-white.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.200Z","timestamp":1782682792200,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/images/logo-white.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 10 May 2026 05:20:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a001593-2dc7\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 438\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yvO6%2FitAvbKnyYQcTxL6zWxYXmKAN5fCtwA%2FBNuOKyahV5z9o1LqF6iLVTw8jAXj6fcdoQYtma%2BspINfke%2BubN3fKfMSZrMGhrzaOr3RpobMoULWcSL3UR333UTAhYfvLg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a12fd8bb4bc3b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11719,"size_decoded":5014,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b6457f2d996003a9214765726758a7d0","sha1":"75e6baaa94af8886963be04c168150c0e711d506","sha256":"321eb2204ec41c9249c9571b1ebb65e7780860a7531bcff3cd59708cef2cfa98","sha512":"9fc5fab08f63ab6332539b5ba6d94884269bee29ea6536d4b67f62394933036d797f070da96aedad78d440dc1c65829a0be5eb6dc033ecb19a4e1c9db17ca67c","ssdeep":"192:IwybF/FdAmJ3gxQzY5CtAydbRUtv0Pyb5TaUBHzpH7oRQAvMWkrIxm:I7bA03QG8KubHzB7oRjRm","tlshash":"d63284d9b7e072f5a105fbe1c57ba0797e5b10be3582ca1dc7e92ed8e1044ae85c98c0","first_seen":"2026-06-28T21:40:25.100539Z","last_seen":"2026-06-28T21:40:25.100539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/images/star.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.205Z","timestamp":1782682792205,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/images/star.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XBIckndAV0yDuMB1bJ3sX2HspzDeG8KO6Kup%2FPohX6zlbPQvemL1s6LKi10cYe45Q1s1kMzdOShDlUsdH7W7iv4Md5Qfh%2FDmQVpDjUA8%2B1tHmTMHBeCXgduCCIwh%2BY9n2A%3D%3D\"}]}\r\nlast-modified: Sun, 10 May 2026 05:20:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\npriority: u=5,i\r\nage: 438\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a00158e-286\"\r\ncf-ray: a12fd8bb4bc8b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":646,"size_decoded":1060,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa4bc8497d5c86b16df861f2459ebf97","sha1":"76a4e648ff37c62ab4e4123de0e9c13291cdacea","sha256":"ffd39d2222f4e5b3949e0b562c7b1048d65e6c0e5445f6b7f7247b73e05efb72","sha512":"a613a58493db9b4d8e7fb9c607acee2c77bc85d82da2b7fa864057b1a7bb620d3ae0c32a9b5c09331965e3990fffc4fe4c763df57356c8c809dce1186d98fa55","ssdeep":"","tlshash":"c4f08b6612dfaca49028939420b8138ab2b3a0cef1c10419f4cfb0cb57110d059835ea","first_seen":"2026-06-28T21:40:25.101735Z","last_seen":"2026-06-28T21:40:25.101735Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.464Z","timestamp":1782682792464,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://aml-sumsub.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 01:48:06 GMT\r\nexpires: Fri, 25 Jun 2027 01:48:06 GMT\r\ncache-control: public, max-age=31536000\r\nage: 330706\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-30T06:33:58.277999Z","times_seen":222859,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":31,"send":0,"wait":16,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.181Z","timestamp":1782682792181,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=Inter:wght@100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 28 Jun 2026 21:39:52 GMT\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2555,"size_decoded":1313,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3fcf63d91b46adf99bd3db1a56530254","sha1":"62f7d93d0b191e1e8464958268f225f51dd1752d","sha256":"63867a7c4bb197935b85ada1c4bcbc95951598dfb736b24132f0a43e5e5e365c","sha512":"16d25c5cc841006ca8e86ef334efb051054257e6990275a3a0d1e25f9adc6c665b65ff9083dfc9c409d84b69365a26eb9ba875431ca75765743b70902e684d14","ssdeep":"","tlshash":"0451ab92002ba404ab931dc233cf7f3aaece50856085d2b96ffd1dc65cead66436875d","first_seen":"2025-09-10T17:57:06.167004Z","last_seen":"2026-06-30T05:54:59.579726Z","times_seen":29218,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":33,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/css/styles2.css","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.184Z","timestamp":1782682792184,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/css/styles2.css HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 10 May 2026 05:19:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a00157d-6cb3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 439\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EE5rsHCVFMlXHOIsNPpFmoI0fyAYfbObT0N2WObPCI8th8ZzzmLsznILwtkOb71lFVk8PzbkvfnMzauvD1J5FPYVVY1P5up3js5AU7U9Xe6Cy0JwRwbhwIC7TxE3YRcQoA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a12fd8bb2bbcb51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27827,"size_decoded":3796,"mime_type":"text/css","magic":"ASCII text, with very long lines (27827), with no line terminators","md5":"45c411cdbc44fd1af4137ad63eca303f","sha1":"11f003094d1aa7d3466156aeceb0e34e7c9dc005","sha256":"baf9665e3aef60156f37376dbaff6b89a5abe8a7997a0404d16594bd5dd619d4","sha512":"e4c22148c8df5ce502a4e489a4c2c1d18eb99152056e822efaf49699b38c7a401ec55f846381693d0ced004a2d7a45769f97c8477577e5c4869b9fa4863e0b56","ssdeep":"768:4scMJihoCcZCOud8G8tKS65wqsZQ1G+dM2cl6iCRotsV84sxIKcv4g01UeEPEQEd:4MJihoCcZCOud8G8tKS65wqsZCG+dM2Q","tlshash":"6ec27d5a7a4cd100bf835b4362df2e0855347588e530194abe3b35ca2cd5ce6ba73fa9","first_seen":"2026-02-04T19:33:23.682092Z","last_seen":"2026-06-28T21:40:25.103778Z","times_seen":2,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/js/chains.js","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.190Z","timestamp":1782682792190,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/js/chains.js HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 10 May 2026 07:52:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a003921-8f8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 438\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ObK85BeZVTme0Hd22%2FcJkB%2Fg6BJ96nrBuWV53OZXAGu54TOED29sMPvoG3qEzfWY3raxzKMQz43Pf54Aex%2BN1NmBh5KwW5R8Y1tYBD%2BPA1WRxGkBFzTFt3G5tuLLxMzSaA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a12fd8bb3bbeb51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2296,"size_decoded":1682,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"64ff000ffb09173e6dfc08ad6258c650","sha1":"d4873580eaea5dea33848c8526b373f302a513d6","sha256":"907ac9bc162752a4cf571ea6690118bd751f5de49e44fb43f8863e217a4cd6c4","sha512":"0d1b4e1b56fbd9d0d01e9c639fcdec343351bda24b11c117065e01b4f4590be276d1809578f9169bd4045acb12f915d850a9c2152fb9a4ba6abb9084ea4c0ad8","ssdeep":"","tlshash":"38413245466a117b08e32079978bf704bf5388bb63ca9ab13a4d47092fe4524e37d7c5","first_seen":"2026-06-28T21:40:25.105988Z","last_seen":"2026-06-28T21:40:25.105988Z","times_seen":1,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/images/iso2.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.203Z","timestamp":1782682792203,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/images/iso2.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 10 May 2026 05:20:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a001585-45f5\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 438\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nMX1zLPFQLIL2T%2BSbE7ntMorSOSimmqk2bWmdyh9m%2BlqYjUZkykTcInPA5mf7oaUoYJuL4P3PkoFFBDQ1FlRRYEYlFtyCpYlfjiSY7rX88QbmtjetzuDmK9Buzx4A0sIYg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a12fd8bb4bc6b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17909,"size_decoded":8450,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a371a4edc058217f97baf7aa96392b61","sha1":"77fd963ac87a1bacdbbb3408d03ad88cb9376a04","sha256":"d08983713761456996ee2223b3dcad38254b13bea2299308c4c3d03f7fa613d4","sha512":"0223a3e4fc9b6dd81af19c2740c5dd17db24305b2a2842d4f1d0c0f1ef7f69642f3c1f10c286bd384648a672900b39a4952037ef86f774502bde3a105d0163c8","ssdeep":"384:d2an7eUPM0UOpy1tIECMtH8h5ydydYtow20Wen6:oan7dbEtIhjydMYt1Wp","tlshash":"6f829498337ad3f8f146f3f9c62624b5bf4e28e9b785d2a4c7912d12a85306ddc848d1","first_seen":"2025-07-16T16:35:39.215506Z","last_seen":"2026-06-28T21:40:25.106901Z","times_seen":23,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/images/trustpilot.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.204Z","timestamp":1782682792204,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/images/trustpilot.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 10 May 2026 05:20:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a001591-204e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 438\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fv7K9l8BBOCki63CHcsExzTuvgouHNvfbQuW3r1ivC0dOfHGENv%2BKCDcgbwDtzGY%2BsFcfIsjgzoCLQIql0jnrtPjt28pVL2aGrXiGdE1ngK%2FwWp8HJ3X0XEA47Ss5ffMeQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a12fd8bb4bc7b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8270,"size_decoded":3982,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e5eeb92142c07914899a5a0ef7c3fef3","sha1":"98090501b1e1b82fd200a82d2435bff3fa68d5ad","sha256":"38464b3258175880cb15f66308ac97abf3bdc47053525c64a8643177cef781a4","sha512":"bee8ba3105c9c5e1ca060491e046f014818f3523a600fa492b0e2609614bfc059f5337ccd5434306898f9a90222e0d46a5a96f387f248063b4d6081f05b3e7f0","ssdeep":"192:yMx8cH7EMmXTpb70MSu4wVjp7p4SrUp4B4t+:bjH7piyu4MtrUp4B4t+","tlshash":"1b0286c6a38066885a4fc1cf3e55fce8500b60f6f6faa5ec52f76f0c5e934a43509855","first_seen":"2025-07-16T16:35:39.201708Z","last_seen":"2026-06-28T21:40:25.108301Z","times_seen":14,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/chains.html","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T21:39:51.711Z","timestamp":1782682791711,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /chains.html HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Sun, 10 May 2026 07:57:21 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KgHiZo%2FjIEqVfyoOub4jV%2BNy6S9siw%2BTlBvOT58NMn%2F3AqGUF%2BtcKCtqMBgJp2HVz3msB6z48AcN1smhjUICS7Tvbn37mn40zksCZhW8pyh5P%2Ba2OmPWgD%2FNROP2lRO5uQ%3D%3D\"}]}\r\ncontent-encoding: zstd\r\ncf-ray: a12fd8b86b97b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13789,"size_decoded":5476,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2429)","md5":"b7ebb4c0e1a02ecdbaa70d5182031727","sha1":"d982783c40744cb1d5891fb048a38ebde47d39ce","sha256":"aba7da2b704fc55926cfaf3320d3a3df8554189ff16da646c77f9cf447e4a22c","sha512":"c290ea5de5801ecc46c993c418f40dbdf3de8048b1a83106f4efaef2875750ed2602b521d07db8a03ea772d02e11f0f235e0d2ef53f9715f9e308019877ce24d","ssdeep":"192:lqg6fFMYP7qy8yRaBqcafv92cfrDYBDhP88TLVyXRroeIQv9:UgeMQ24iVs9","tlshash":"5752c7519de520b33163017877aaaf0d7a92d50b930adab0f6dc15808f96d3bce632d8","first_seen":"2026-06-28T21:40:25.10927Z","last_seen":"2026-06-28T21:40:25.10927Z","times_seen":1,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":9,"connect":20,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/css/styles1.css","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.182Z","timestamp":1782682792182,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/css/styles1.css HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 10 May 2026 05:20:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a001581-1cd2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MCrct1UgHjNSQ%2F2Zmw17yL5j6HYoY3wLAguloWOCUvDeRZ3hLf8%2B1x6WqQXX0qoyuVCWwbiRZXxNCtCi0d8cNl%2FuP6wlsPZHEW5nW%2BL6%2FIq02hFCvV2TmlQE75pzQSvAbw%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a12fd8bb2bbab51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7378,"size_decoded":2334,"mime_type":"text/css","magic":"ASCII text, with very long lines (7378), with no line terminators","md5":"7d4df38de55a93309db3a3e055876190","sha1":"372bf3fc6f02dd37cb9c8b88f9461eba0f99f56c","sha256":"3161d57a39b1079bc678a2e6fa2d964077688e9814bf3726b30dc25191fc3393","sha512":"88708ea489928ce0732a7ee96f992f645975ae07cd17d247157761ffa3f7e515aa3f187f80d67c3c60e5ef2c2aa4f9fdf73cb49b58550056e97bc14fb851ba55","ssdeep":"192:Su0h0Z05CM54C+0+050h0Z05CM54C+0+0j/9C37Hmc:DVEGc","tlshash":"a8e1791d97295299b07380bbbcc1f77de268f5a2a01e0e575e94d3e4c2462f232e3257","first_seen":"2026-02-04T19:33:23.676496Z","last_seen":"2026-06-28T21:40:25.110251Z","times_seen":2,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/css/footer.css","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.188Z","timestamp":1782682792188,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/css/footer.css HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 10 May 2026 05:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a00157f-65a7\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 438\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f4dGvoE%2F2hG4KCxuKC%2Bm%2FDyZkoplVaa5QgFbU5kLYrqgrwYF0vAZQS%2BtSnyn2My2QSDTR9680WusY1Ip%2FF2v43XpktWEqXrDvox73NFap1c34LV3etKPHhlT2CZB6%2FZw2g%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a12fd8bb2bbdb51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26023,"size_decoded":5758,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f4cb9bd55dc132719393960e274be634","sha1":"5de18e55f60e9f43e2dbc564d63af7bd3b3d2ae1","sha256":"27b4fd1408cf7ced7c91c316276f98a038b5f9cee95c82e5f53656c21e7d6d97","sha512":"a5195e2d5ead77fa54bdd943a5347b19379103cfc14c1d32e9cdae1cf231240e3cb5411fa8fafd298c77845c98acc1bce0c4ed9bf2ff26f542cb1ab794e9e951","ssdeep":"192:NXRN+JqhwAcdS8Dp6Ww9Yo8HAWYclHRSXVQufMCY117Sztvw4HofEcbWtrcUIzBm:5sqhxcAWjtwKxJ5M35nZp","tlshash":"1dc233589b1215477a338b7cbba3862eb7954060df0303adffe7640966c82b49176ecc","first_seen":"2026-06-28T21:40:25.111244Z","last_seen":"2026-06-28T21:40:25.111244Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aml-sumsub.com/source/images/logo-black.svg","fqdn":"aml-sumsub.com","domain":"aml-sumsub.com","tld":"com"},"ip":{"addr":"104.21.84.16","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-sumsub.com/chains.html","date":"2026-06-28T21:39:52.195Z","timestamp":1782682792195,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aml-sumsub.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 07:13:54 GMT","end":"Thu, 06 Aug 2026 07:13:53 GMT"},"fingerprint":{"sha1":"17:B0:D8:4A:CF:15:A8:DA:CF:92:94:92:7D:F2:4C:94:50:56:24:CD","sha256":"91:86:E4:6A:07:E1:55:F2:37:67:8C:D0:4D:83:3A:75:84:1A:E2:FB:6B:89:75:E1:E5:80:9C:F8:BB:69:36:C9"}}},"request":{"raw":"GET /source/images/logo-black.svg HTTP/1.1\r\nHost: aml-sumsub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://aml-sumsub.com/chains.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 21:39:52 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 10 May 2026 05:20:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a00158c-2dcd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nage: 439\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JWqaFPAPP8tuUeO0IVqu6H3HUrnp16l9PBVD2U2YH4G8KPGHlJUyqBekN3s2l3EFYnpQT1n8M1zrP%2Bkcwhn8wn0wJ7gcisuxf6vD3AipIktaRuj4c6poAqaZKRy4CuJ1Jg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a12fd8bb3bbfb51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11725,"size_decoded":5008,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"014820524ee3db80e50f0402130d35b3","sha1":"129c8f68e3c06f4fa1b02054cb9ad2e7db47359e","sha256":"4858e6607bf52c6ab5c48b60207aee0655270cc582a76aa887929dc6c010cdc8","sha512":"452af5b9cf9620d2e64dd197d03b07cfbe9268a36c4f827b085119bab0535a519ba274379ddf7b154af0984d0792d9e37b5c32f0f2ce7427ce2c3509c5de79e3","ssdeep":"192:IwybF/FdAmngxQzY5CtAydbRUtv0Pyb5TaUBHzpH7oRQAvMWkrIu:I7bAqQG8KubHzB7oRjO","tlshash":"223284d9b7e072f5a105fbe1c57ba4797e5b00be3582ca1dc7e92ed8e1044ae85c98c0","first_seen":"2026-06-28T21:40:25.112069Z","last_seen":"2026-06-28T21:40:25.112069Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"aml-sumsub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}