{"report_id":"6d416d4d-56ec-4727-a728-5deada9083c3","version":6,"status":"done","tags":[],"date":"2026-03-14T12:22:38Z","url":{"schema":"http","addr":"kucoinggq.nilcat.cn","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":0,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"final":{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/#/welcome","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"title":"KuCoin","dom":{"size":220573,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (64878)","md5":"6365cecad2c7482b8324afc76a04b0ed","sha1":"c5579411255f30784ba5bebe509da7f2136f9e08","sha256":"8b6573183c80af6af8ee2765715fcc5691d0bc4b6d75bd7dc8d2a6075e7f5cb6","sha512":"104dc19a861138b6b4cc04c005476e3817e6e1edc707902d4249f3ef38612333537f5a1ee0c562b4800e7c323619a4b0f00a12a77b1abbe222eafb7e1c54efc3","ssdeep":"1536:Dq+4WooIUORd36OHKg7wa6JdfkBL4PwJcLNlkfzhomCdsOSboK8vcLoG1eK4r4dk:u+4JoItqg7wa6rfQL9AefD4Lnr3zoeoe","tlshash":"f024d6a4d36493fc5c0e47ddea3674a4360e10fe75d1ceb8916ccea0a2935d8da4dc8a","dom_hash":"domhash78f82cb5c241fc466b07319081a05b9e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":0,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-18T12:22:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"kucoinggq.nilcat.cn","ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2025-12-02","domain_rank":0,"first_seen":"2026-03-14T12:22:40.357629Z","last_seen":"2026-03-14T12:22:40.357629Z","alert_count":70,"request_count":14,"received_data":2302450,"sent_data":5459,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"112.74.47.239","ip":{"addr":"112.74.47.239","port":90,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":326,"sent_data":594,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/js/app.4f14b45c.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5d83d816fdd9ad00e1b13a5bccffe97","sha1":"9ad309c3ea3a970a7785176f98d08b471b2b094f","sha256":"d60cf160f4f34810e516200392bbdd1366c83e7a7e86912140c3206f1880a170","sha512":"0ce43481cbff14337a8a38ec09cf005e637f5ed096242ae182677578940968c98d009eef0f36400caf2ea49202271cf3eb335bb00506aff30ac81db77b6971cf","ssdeep":"12288:S+ufoqoWQ+xr1BTXhiuJH+zmW3tsXvMyDBrRinuK46e7fFMQDLYQeXCgOg:SHfoF+xrXZRifJY6","tlshash":"48f48e5c518adfbece638252600e19a461782fd6e1224858bffced5427cca9dd34e738","size":761833,"data":"","first_seen":"2026-03-14T12:22:45.022131Z","last_seen":"2026-03-17T23:45:22.154645Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/jquery.min.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"2edc942c0bd2476be8967a9f788d9e26","sha1":"0be05c714a7e6cf28fe692629ece5b3769901dca","sha256":"d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c","sha512":"d275562b4dd477493aa3cc0392b8bc8f15fdcd0227d3464756e7778aa053c1dd9b185c090d04a11956f7faf5f569d091c50724290ac840c166200ded7d67be32","ssdeep":"1536:pzm2ihKxxpbjBb2gKkGOegmLlGS0bgpiF5tNLRJBOYWEEVvmgWJrJfRjY3p:v6lGS0IWNLFdhtfVKp","tlshash":"a483f9dd73c6b06257bb20b9006f640ff236596a280d8450f125d8eabcb5a4d827bf6d","size":83095,"data":"","first_seen":"2023-03-07T12:03:36Z","last_seen":"2026-06-13T13:41:33.875193Z","times_seen":2760,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/font_2302506_dgub43s9y0e.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a105d9e99b709437060af0118b7bcba2","sha1":"44202564cce8cff8c0d60a4e2e24ecc1906088fd","sha256":"bce07f6092f8a587d682ec6e3775964bd0ddfce9763610782c7e9f16bbed9595","sha512":"6c827a38879c9d1ad9e043b0e65c7812adcedc3bf443185fd426a7003a1126fe14610b3a6ccb95a2c469aad57d43a4a5323c501c7dbe30bd686b32dae07b5ee7","ssdeep":"1536:SqW4WoowMsldvaW180rk2AV9xWNL4PwjyLFbkfXhMmChIuyjoKgv2doGtmK4r496:5W4JowHa0rk2AbxuLloWvD4Lnr3zoeUm","tlshash":"9424d7a5d36493fc5c0e43ddaa36b4b0360f10fe35d1cea8916dcea066939d8d94dc8a","size":219320,"data":"","first_seen":"2023-03-11T20:38:04Z","last_seen":"2026-04-27T21:30:20.797031Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/tradeview/charting_library/charting_library.min.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"c8cd63cddf0ab72e873d68a2d68ca336","sha1":"2d0b483c39ea41187d9fcb8200bb2819525dbd3b","sha256":"6571ad1a4bb68aacbd4c3a78fc0c26f9c1f1bb34a92164ea3fac2b4532acf88e","sha512":"f3956ab3268f27911de0789fa0858de98e26bcd2736544a6694a225aa61ab5b8ceff26774af62bad71294531d75e4faa198f44ee85a5731ffb26480940f4144d","ssdeep":"192:S4DF7XcEbRi1H0FEKyhWbviztF89xo/g81Qit+0idiiV8M5MSBj5JCWotPSXmYRB:fhoEbizXAoINoWoxSXmBEU3OHQI","tlshash":"18320054df6c2c3205c720fc8d7f288f513de276e895449e388491dc59ed44bbaaba39","size":11663,"data":"","first_seen":"2023-03-07T14:46:31Z","last_seen":"2026-05-19T09:18:59.523489Z","times_seen":225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/tradeview/datafeeds/udf/dist/bundle.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"fd3251e228d9edda60ce01ccb3046f77","sha1":"acea866435eea9c7a0564dd82435bab93c22a9db","sha256":"f016a5c57c09504aea2cca849831255353ad7e56e008fd49a45a23b114b1247d","sha512":"07db2933537e3a704befe64479130db26145597802b80cc9f9c3dcc437aff0823e896626240801ac121e06c25ec986b42580c7d240f900b160646d29c99429ad","ssdeep":"384:kpe0jAoNzmAHgWH4NRZsPA4iCA2PHDJMW:oBiWH4jZsDPA2PHyW","tlshash":"9452a6c97611312182936472e87f380ba139b515688a903c71c8e9de6efdb5dea17f3c","size":13539,"data":"","first_seen":"2023-03-07T14:46:31Z","last_seen":"2026-06-09T17:49:45.174928Z","times_seen":309,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/js/chunk-vendors.ab881e4e.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"da33819c1da947355be708bf0d5eed44","sha1":"2e18c2c3c945d4bef25d1629d744f08acbb5cf2e","sha256":"90811806fba457c0d2ba4c7533cbaaec579fbe6c851b596a19ad39f132ad5687","sha512":"574521ca37eea927ccd15c0c0afc15f8f9ec4813e5902264760588232fa4c1cfc7b644eef6360b566366e8705d5819d7d74448e620e29fa77726cb097b56212a","ssdeep":"6144:Y+fj4jsIK5lf4NPR9hyy5gul83yviOrXfRL83HYCvxXKU5G:Y+fj4jkf4NHguSfOrXlC4aXP5G","tlshash":"47f41989f2a5b07117e760b4403f110bf33a6958b40e80d8f665e8e56cb998da17bf7c","size":787550,"data":"","first_seen":"2026-03-14T12:22:45.008322Z","last_seen":"2026-03-17T23:45:22.149647Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/js/chunk-vendors.ab881e4e.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:21.162Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-vendors.ab881e4e.js HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:21 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-c045e\"\r\nExpires: Sun, 15 Mar 2026 00:22:21 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":787550,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (49224)","md5":"da33819c1da947355be708bf0d5eed44","sha1":"2e18c2c3c945d4bef25d1629d744f08acbb5cf2e","sha256":"90811806fba457c0d2ba4c7533cbaaec579fbe6c851b596a19ad39f132ad5687","sha512":"574521ca37eea927ccd15c0c0afc15f8f9ec4813e5902264760588232fa4c1cfc7b644eef6360b566366e8705d5819d7d74448e620e29fa77726cb097b56212a","ssdeep":"6144:Y+fj4jsIK5lf4NPR9hyy5gul83yviOrXfRL83HYCvxXKU5G:Y+fj4jkf4NHguSfOrXlC4aXP5G","tlshash":"47f41989f2a5b07117e760b4403f110bf33a6958b40e80d8f665e8e56cb998da17bf7c","first_seen":"2026-03-14T12:22:45.008322Z","last_seen":"2026-03-17T23:45:22.149647Z","times_seen":18,"resource_available":true,"data":null}},"time_used":2347,"timings":{"blocked":518,"dns":1,"connect":289,"send":0,"wait":246,"receive":1049,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kucoinggq.nilcat.cn/","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-14T12:22:16.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kucoinwet.nilcat.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 11:54:06 GMT","end":"Thu, 11 Jun 2026 11:54:05 GMT"},"fingerprint":{"sha1":"D3:EB:86:E5:AD:D1:AC:E7:04:FC:61:D6:08:55:E8:FF:4C:B3:32:0A","sha256":"DD:47:9F:07:04:DB:F1:0B:C4:86:17:C7:2A:6E:E7:E6:92:61:56:A8:CE:58:AC:97:17:DF:D2:94:A2:AD:B3:29"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":3451,"timings":{"blocked":1725,"dns":364,"connect":282,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/tradeview/datafeeds/udf/dist/bundle.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:21.152Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /tradeview/datafeeds/udf/dist/bundle.js HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:22 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-34e3\"\r\nExpires: Sun, 15 Mar 2026 00:22:22 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13539,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13538)","md5":"fd3251e228d9edda60ce01ccb3046f77","sha1":"acea866435eea9c7a0564dd82435bab93c22a9db","sha256":"f016a5c57c09504aea2cca849831255353ad7e56e008fd49a45a23b114b1247d","sha512":"07db2933537e3a704befe64479130db26145597802b80cc9f9c3dcc437aff0823e896626240801ac121e06c25ec986b42580c7d240f900b160646d29c99429ad","ssdeep":"384:kpe0jAoNzmAHgWH4NRZsPA4iCA2PHDJMW:oBiWH4jZsDPA2PHyW","tlshash":"9452a6c97611312182936472e87f380ba139b515688a903c71c8e9de6efdb5dea17f3c","first_seen":"2023-03-07T14:46:31Z","last_seen":"2026-06-09T17:49:45.174928Z","times_seen":309,"resource_available":true,"data":null}},"time_used":2325,"timings":{"blocked":615,"dns":1,"connect":534,"send":0,"wait":1077,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/css/app.b3974b54.css","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:21.155Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/app.b3974b54.css HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:21 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-1bc67\"\r\nExpires: Sun, 15 Mar 2026 00:22:21 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":113767,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"94131119db3a49119b94032221aca4c5","sha1":"553e1bb42d0f083ec117227777d6634c60f4c89f","sha256":"920125453000d2f617f2aeac81a2fd2dea9169172763b8bf9ad6a2cbe9ef7a50","sha512":"b605498f09e89cbd64f2049e8cdb0cdb9bd64f01e15729a18bb9327076f0a77bc15d1298ac75a86a44d0bbdc7b4bf8a830f5d7a7ad5ba092268e6c19b717b397","ssdeep":"1536:nqkPDUI9opVNJryDVaIpxIGC2/y0MyW9xBUDi5xq08pAcP0RK8bhKIWOId6aq31I:qkPQIepVNJryDVa4bCJ0Mqp+2P","tlshash":"20b3b520768c2134b27bd09ca45176997b69fb63c4039ba5fd1ab129dcc72933672f8c","first_seen":"2026-03-14T12:22:45.010861Z","last_seen":"2026-03-17T23:45:22.148528Z","times_seen":18,"resource_available":false,"data":null}},"time_used":964,"timings":{"blocked":226,"dns":0,"connect":236,"send":0,"wait":237,"receive":265,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/favicon.png","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:24.177Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:24 GMT\r\nContent-Type: image/png\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-af5\"\r\nExpires: Mon, 13 Apr 2026 12:22:24 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2805,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit colormap, non-interlaced","md5":"10726ac40bbe9b283a26cf4f711661b7","sha1":"989c50de127204ef9c85d130d17ed75813423682","sha256":"8a09205f079caf92b57060f9d11d81b69761e1a12a729389ecd78b98936c7c79","sha512":"3c91c796f750f1307eee244a648a32c915fb2694fddfc11ccc1c3ac39d4961c0c16c5c13440ab856a36a6bad0c06b724d3ff7ee14ed93adc1a5ff841b7a2edc9","ssdeep":"","tlshash":"34517cc65fd09c9246e1aeca263790c4fc362203a4c44c7b344e42b98cd61a9c4857b6","first_seen":"2026-03-14T12:22:45.012229Z","last_seen":"2026-03-17T23:45:22.150856Z","times_seen":18,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/video/0121.mp4","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:33.824Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /video/0121.mp4 HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=32768-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:33 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 18851873\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nConnection: keep-alive\r\nCache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\nPragma: no-cache\r\nExpires: 0\r\nContent-Range: bytes 32768-18884640/18884641\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131406,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"8def05db74f2064ac2a8c6b1c82ff8a0","sha1":"d6db9f763c12280a8700a8c2a6a7acd5d0112e3a","sha256":"a755837290382bea1dbc3361e4dcefb5e4b50076b31e0eb2df8c1421f583a7b5","sha512":"b16ab8f6b814a40286db3ff869b269b5d836cec0846e2fa352966b3770bab34e94df7fc85df8da4f184838563ac1c9d632bb909454fd97d73773dd9c55edf9e0","ssdeep":"3072:tJpr6CuJy3zMYFqe3WSKDyExySTWUVzflzDEjKSIbwgMs+0:t+COyDFFJ3auExySTWsblzP8R0","tlshash":"d4d3126adad946fcf1b97b277c2d590b8870f200a5dad3e6b64fbe0b4a5816009d48c4","first_seen":"2026-03-14T12:22:45.013381Z","last_seen":"2026-03-14T12:22:45.013381Z","times_seen":1,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":323,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/tradeview/charting_library/charting_library.min.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:21.153Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /tradeview/charting_library/charting_library.min.js HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:22 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-2d8f\"\r\nExpires: Sun, 15 Mar 2026 00:22:22 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11663,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2132)","md5":"c8cd63cddf0ab72e873d68a2d68ca336","sha1":"2d0b483c39ea41187d9fcb8200bb2819525dbd3b","sha256":"6571ad1a4bb68aacbd4c3a78fc0c26f9c1f1bb34a92164ea3fac2b4532acf88e","sha512":"f3956ab3268f27911de0789fa0858de98e26bcd2736544a6694a225aa61ab5b8ceff26774af62bad71294531d75e4faa198f44ee85a5731ffb26480940f4144d","ssdeep":"192:S4DF7XcEbRi1H0FEKyhWbviztF89xo/g81Qit+0idiiV8M5MSBj5JCWotPSXmYRB:fhoEbizXAoINoWoxSXmBEU3OHQI","tlshash":"18320054df6c2c3205c720fc8d7f288f513de276e895449e388491dc59ed44bbaaba39","first_seen":"2023-03-07T14:46:31Z","last_seen":"2026-05-19T09:18:59.523489Z","times_seen":225,"resource_available":true,"data":null}},"time_used":1651,"timings":{"blocked":730,"dns":0,"connect":0,"send":0,"wait":914,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"112.74.47.239:90/socket.io/?EIO=3\u0026transport=websocket","fqdn":"112.74.47.239","domain":"112.74.47.239","tld":""},"ip":{"addr":"112.74.47.239","port":90,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:31.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"112.74.47.239","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 04 Apr 2025 11:31:30 GMT","end":"Mon, 04 May 2026 11:31:29 GMT"},"fingerprint":{"sha1":"84:E0:63:18:1C:3A:F7:85:A6:C9:FB:79:00:4B:F4:50:54:39:3D:8A","sha256":"41:E9:3B:C6:93:EB:90:D5:37:6B:3B:F7:70:7B:D8:C1:79:CA:49:D5:61:18:5E:52:00:CF:E9:6D:91:F9:2D:D6"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: 112.74.47.239:90\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: http://kucoinggq.nilcat.cn\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: u3IVKGGLg/bm6bOOseOuVA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:33 GMT\r\nContent-Length: 0\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: kDnVd96NvxEczHGxljSeGaWv0yk=\r\nSet-Cookie: server_name_session=0a5bae72d5f472c77480cdd0599982fc; Max-Age=86400; httponly; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":1710,"timings":{"blocked":0,"dns":0,"connect":270,"send":0,"wait":1141,"receive":0,"ssl":299},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/video/0121.mp4","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:33.468Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /video/0121.mp4 HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=18841600-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:33 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 43041\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nConnection: keep-alive\r\nCache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\nPragma: no-cache\r\nExpires: 0\r\nContent-Range: bytes 18841600-18884640/18884641\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43041,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"8c8e6ca2574833de5f8f26d77437006a","sha1":"03d7549bf46e00f98ed02e1fc6d2eb039c154758","sha256":"3571e37f3ea0ead60503d405ef2958b7808a073787c9c6558ffd6e6abe5e1bfa","sha512":"519596f2e3c8c09072197f6416208c14547ce2c2ae47925fe34bbe85e6d69f438f0ee6a037b1d83f7c73ce2f9394ac059ee6f9c651d8ca34326a79ba7e854061","ssdeep":"768:n3IuhA5Pr49p/q6HDJfiEnz/0WyacH6e79on1+Eb1owp:YEMc9pHDJqEnI1a+Hubp","tlshash":"0013c08973324947e6984bbc45e3d31b7773e52e5b93a257a34037623da8fb846025c2","first_seen":"2026-03-14T12:22:45.014998Z","last_seen":"2026-03-17T23:45:22.154018Z","times_seen":18,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":246,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-14T12:22:20.476Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:20 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nCache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\nPragma: no-cache\r\nExpires: 0\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1335,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (665)","md5":"fdb31aa6fe0b34218cab8e364ca619b2","sha1":"02a41fdcde1ae0b8fdd26c5d00f309257da38731","sha256":"22d54c6dfea8ecb2b9470eb86941590c321b226cf42dc3ad105f2cb591d80db4","sha512":"a2f3a392798a5d28163453545b3f2f0f20aff61dc77ed7d92717bd0295c4dfc88e6f639e9322e943218efaf4488cbc5827dd4a56cefbb0a59abd11a6c0c60415","ssdeep":"","tlshash":"e921fd85ec18d2dc59206e59ae71b40e068f994f6d21cca079fd022dcfa8fcc0aa2942","first_seen":"2026-03-14T12:22:45.015999Z","last_seen":"2026-03-17T23:45:22.14657Z","times_seen":18,"resource_available":false,"data":null}},"time_used":855,"timings":{"blocked":285,"dns":1,"connect":285,"send":0,"wait":283,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/jquery.min.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:21.150Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:21 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-14497\"\r\nExpires: Sun, 15 Mar 2026 00:22:21 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83095,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32110)","md5":"2edc942c0bd2476be8967a9f788d9e26","sha1":"0be05c714a7e6cf28fe692629ece5b3769901dca","sha256":"d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c","sha512":"d275562b4dd477493aa3cc0392b8bc8f15fdcd0227d3464756e7778aa053c1dd9b185c090d04a11956f7faf5f569d091c50724290ac840c166200ded7d67be32","ssdeep":"1536:pzm2ihKxxpbjBb2gKkGOegmLlGS0bgpiF5tNLRJBOYWEEVvmgWJrJfRjY3p:v6lGS0IWNLFdhtfVKp","tlshash":"a483f9dd73c6b06257bb20b9006f640ff236596a280d8450f125d8eabcb5a4d827bf6d","first_seen":"2023-03-07T12:03:36Z","last_seen":"2026-06-13T13:41:33.875193Z","times_seen":2760,"resource_available":true,"data":null}},"time_used":624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":337,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/video/0121.mp4","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:32.002Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /video/0121.mp4 HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:32 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 18884641\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nConnection: keep-alive\r\nCache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\nPragma: no-cache\r\nExpires: 0\r\nContent-Range: bytes 0-18884640/18884641\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34394,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"9c4048df293da1c3cf8bd8599854dff6","sha1":"18cddc22ef7c18ad41f28f039f060fa7f45162e7","sha256":"166263034303e9fdb96e371459d70b7c04dbaf128172d418cbc4046e7722dcd4","sha512":"fe632d6112b5307515173da3ab45a2c0091841d6b7c253ac71d06854dee1aaac3672d7444d7dd3a571bf6ce318e835ff1478bb05a549f48ded273ca81dc31a17","ssdeep":"768:tRR781MtFyhtGIQOWykhfriJpJQmeNAdpzcZrw2pxqI4jL:tR1I8FtIZWyyApymeiEZrwG7CL","tlshash":"aaf2d05b6eb7a6ef245a49962f3097e43b515f292358d9608bc4206af033df1ddc0386","first_seen":"2026-03-14T12:22:45.017746Z","last_seen":"2026-03-14T12:22:45.017746Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":1174,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/font_2302506_dgub43s9y0e.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:21.148Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /font_2302506_dgub43s9y0e.js HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:21 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-358b8\"\r\nExpires: Sun, 15 Mar 2026 00:22:21 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":219320,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a105d9e99b709437060af0118b7bcba2","sha1":"44202564cce8cff8c0d60a4e2e24ecc1906088fd","sha256":"bce07f6092f8a587d682ec6e3775964bd0ddfce9763610782c7e9f16bbed9595","sha512":"6c827a38879c9d1ad9e043b0e65c7812adcedc3bf443185fd426a7003a1126fe14610b3a6ccb95a2c469aad57d43a4a5323c501c7dbe30bd686b32dae07b5ee7","ssdeep":"1536:SqW4WoowMsldvaW180rk2AV9xWNL4PwjyLFbkfXhMmChIuyjoKgv2doGtmK4r496:5W4JowHa0rk2AbxuLloWvD4Lnr3zoeUm","tlshash":"9424d7a5d36493fc5c0e43ddaa36b4b0360f10fe35d1cea8916dcea066939d8d94dc8a","first_seen":"2023-03-11T20:38:04Z","last_seen":"2026-04-27T21:30:20.797031Z","times_seen":55,"resource_available":true,"data":null}},"time_used":950,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":656,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/css/chunk-vendors.7d3c37a7.css","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:21.158Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-vendors.7d3c37a7.css HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:21 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-16854\"\r\nExpires: Sun, 15 Mar 2026 00:22:21 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92244,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (62349)","md5":"60574ca0d895ba6a3c23aa1814262c82","sha1":"ad2425a8f453b4e9ee9d4b4f97b6541aed2914a9","sha256":"2e801ed8ef2ad16de5c75b7a4013b8f58dc1011b429cdd328205614b034b4619","sha512":"d221614f601b43ce41ed25c5f8251a5f54e1057481edef00b18060de7cd5f6eb3cf0a1ce0b79145e95f5b99ab18971e14a84b0c90de270e8e701eda706413521","ssdeep":"768:Ce9EBtMFfDIA6eXBNHP+PnQrwqRcLxcg7G/zlooG1WhCzC6ZV4:0EBNHzE7prZHCAV4","tlshash":"9993d7e1aa01210ef023c65a81c09a49713fc94ffe73569ebb186506ffca5db05a3f59","first_seen":"2025-11-10T04:08:19.534983Z","last_seen":"2026-03-17T23:45:22.14912Z","times_seen":25,"resource_available":false,"data":null}},"time_used":1114,"timings":{"blocked":268,"dns":1,"connect":281,"send":0,"wait":282,"receive":281,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"kucoinggq.nilcat.cn/js/app.4f14b45c.js","fqdn":"kucoinggq.nilcat.cn","domain":"nilcat.cn","tld":"cn"},"ip":{"addr":"180.97.215.93","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://kucoinggq.nilcat.cn/","date":"2026-03-14T12:22:21.160Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/app.4f14b45c.js HTTP/1.1\r\nHost: kucoinggq.nilcat.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://kucoinggq.nilcat.cn/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Mar 2026 12:22:21 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 09 Mar 2026 13:38:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69aecd4c-b9fe9\"\r\nExpires: Sun, 15 Mar 2026 00:22:21 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":761833,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33540), with NEL line terminators","md5":"1b6c959d049d572eff9c2b61e18f4b14","sha1":"83deb673e39aacab2f8ca88099de7f31784aa391","sha256":"4faae28af43c08276a3bffdc328ed3d980faeb58228898fef3a307927cdc5012","sha512":"a62b0329c9fe703419d912beeeec4facbcdd01aef4d09e854890ae460d876ebfc32b559e73a6ceab3003e7c208bed1caf74f0d8a70c9828ccd583085e528976c","ssdeep":"12288:S+uxc9hG3ewtYvvf5oqQWQ+xr1BTXhiuJH+zmW3tsXvMyDBrRiUfFuK46emeDFIx:SHxcHG3ewtYvvf5on+xrXZRigh1eb6","tlshash":"52057c4e9187cbbacfd282e1240d16a0a1b8aed7d15e540a6fbcecd437dcd6c524d638","first_seen":"2026-03-14T12:22:45.020997Z","last_seen":"2026-03-14T12:22:45.020997Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10845,"timings":{"blocked":275,"dns":1,"connect":289,"send":0,"wait":589,"receive":9691,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"kucoinggq.nilcat.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"kucoinggq.nilcat.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}