{"report_id":"7f05529b-cdb9-4b79-9a46-852baf30e336","version":6,"status":"done","tags":[],"date":"2026-04-12T12:46:29Z","url":{"schema":"http","addr":"crypto-onchainmax.cyou","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/#/login?redirect=%2Findex","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"title":"Crypto Onchain","dom":{"size":134929,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (53641)","md5":"2379d609c3a0e306c935cf083d043d2d","sha1":"0659bef5e34931ba5480d321a226c45d93d92753","sha256":"11f941843fae4ce7d93b62592c3a229405ffa2326e870f53c3d161bbacdbcc4b","sha512":"13af43df608c13b9bbd1a1148fd71a376e8b9e00d15f5d15deaf45589f0d8fd4a42ae64b8fede88565188ea39410c5edf063b02896abe78acfe91bc6205a7022","ssdeep":"1536:wM4lmjbO+PeXbd9w7V8OBZSXgDPUCU1SSVXJnQv89Sf6dQGaNm2RZcw44T4diT8g:wM4lmPMsuXgDPUCe/8pmc","tlshash":"c6d32ce8d720a3bc544fcf9bba31f554291f20b77ae189a8f25c4d949bd3cc49906c89","dom_hash":"domhash728fed4a4f3caa00ad1cf7fcb04895b1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"crypto-onchainmax.cyou","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-17T12:46:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"crypto-onchainmax.cyou","ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-10","domain_rank":0,"first_seen":"2026-04-12T12:46:32.152081Z","last_seen":"2026-04-12T12:46:32.152081Z","alert_count":12,"request_count":12,"received_data":2230904,"sent_data":5205,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b7eb7cc3637e3ed0fd534639e57a37a6","sha1":"b06c65d14543c4120a59e5b3262f742a9391a3b3","sha256":"5f8aae5cb1e04f2d9041eb0867855a94d38e197bd9508ae2026b52869e4dddd2","sha512":"78d06b8374812b999a524d5b18c996f9fdc2d6ac972465aead8085ff6066f3a6d198dec53256339de5286586243050cef3960e5595b96d420f276c7f2811f9ef","ssdeep":"192:jrua59UM3DkEqkuWpugwo5SgXZdweiDzXVBUgIY5jUoyZb:f39UyfqUpugwo4gXbweMzXVBgYw","tlshash":"bf521cf5e3a4f8769a86ec576616f76240e72a733c3063b9436cd150a7a0bd4038b94f","size":13636,"data":"","first_seen":"2026-04-12T12:46:36.259496Z","last_seen":"2026-04-12T13:17:29.343269Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/chunk-libs.d8d8af9c.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"09402f1eb8ee9a241724dba0e344edd5","sha1":"9a7412b7134cf097cec89a0b903da2dbff959985","sha256":"9cacdfb0197b8fe82514687cdf5c9c0da8d77370eb3ccac2cad5d433a4f96b48","sha512":"06647edfe53d126bec0f072f95b04eb25f1f6b89fb465fec0b316c83fd19c19d71b3270bba421531843684891a81ec506fd06d974dc1e3316856350d1c9ff609","ssdeep":"3072:53XJKfNiQbC9MBVFRGRglcDAbfXhM1x7k5OOxwaVP9Vz5rufOBCPwI7nFJPegzfD:lr1MBEkgx7kQQXlrhCYQWOwB1CoVy4fm","tlshash":"67b4e79cb6d1b0b112e360f5402f160bf277a86df44a94d0e369e8e1acb894e5167f3d","size":537613,"data":"","first_seen":"2026-04-12T12:46:36.230399Z","last_seen":"2026-04-12T13:17:29.323502Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/app.ac8518f7.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"01c0dd5fa6b7fa70c8ddfe6f77a1c359","sha1":"8a0cb6245afa0f68e0cc8c8fbceb7643cfa6fbb7","sha256":"bce209d8bc0b521c084b7a1bc59ac83d01e5f3bf10eb80ea73faa4e108b013bf","sha512":"17dcbec2f483391d1c4c94f622d75b6266ba4eaebea390caae3181afc0bd4d691747a769a9e785375c54c937ec537e555fdcb5aa4fc886d6ea320d5a87a03945","ssdeep":"3072:mpG4UYhqBdJohrnzVeMbqjEldlPzIfgDPU8H7rVi2w6yj6/:mpG4U0nzVrqjkd9/7rk/8","tlshash":"83445da9b290f1ac4b8f6776613bb565763f30f639990860a178cdc46bb2cc85303d9d","size":269705,"data":"","first_seen":"2026-04-12T12:46:36.23333Z","last_seen":"2026-04-12T13:17:29.341829Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/chunk-elementUI.2a71524e.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e84f8f9eef4d472646c3d17bf2798ae","sha1":"9a964f7bc7fe2c88d7d48cc31ace4f683798ec73","sha256":"4fd4b12be14ed2f7fe645fd7f5b56648797b3906f997e9510b92538f453fcba7","sha512":"824c517b756e6245da0c71dcd3f4bf090026bf0497330df2c762aa038dbee831ad823dcc9f7e96f4a79b84b85f723444827beee03dc0dbecbabffd9b4524f9e5","ssdeep":"6144:EBNId8lURd2Lw7/t+dVbVbmvHdyksFQ9p63Hks75UfbGxgGOC8GsYIMeTfYF0:sauw7VabVbmvdyksOcU8ONTfYF0","tlshash":"ebf41a8d72c5b47147a360b0103f150bb33b2aac6809809cf675d8ea6d79a4d626ff7d","size":753319,"data":"","first_seen":"2025-05-12T11:10:13.065685Z","last_seen":"2026-04-12T13:17:29.341061Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/chunk-34eb204a.5344cd14.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d70ce9e48c8a9486b1f3002295372b84","sha1":"4f07b12b34b3a025e3a686a9f3f133905808714e","sha256":"60328289bf7bffdd54fb8b87fd9778684737dbbcb88b9b0684ef435c91c4d327","sha512":"82b04ccdbce190604022850ccbe2965bd423faadab0ad1a9f4a24689889b9c69a4670d20a4e61b5e51422284259b18cf154502e231aa8378d1c482212969093c","ssdeep":"96:uVtiy4ZeDM+7z01jKnpGUEGfDnEnN2hM3FO4Smt+NTK76MxUgSqUqxxUDqUwP/X4:itiYT741jKkUZWFOTmteMnn+6vvkb","tlshash":"90c1f92954ceec493a07d229511b0053501f9c788226ca98ef31c9fade9ef9d362677f","size":5928,"data":"","first_seen":"2026-04-12T12:46:36.253566Z","last_seen":"2026-04-12T13:17:29.338568Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/chunk-2d0b6c88.a1ebff84.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"021ba853aba59a5d369cf46591cf0f77","sha1":"0a4150a155903c19ecbe7366b88b4d6406103133","sha256":"1f0bcad94ae94b85db3ca6187ac682f2cad3e1488d04b97ae834fed4ef6635c0","sha512":"01da3eb24a73472eaa62eaa15caed7ac0e9f27b087cbedf7b5e7aaac6e3c5e8422acd100782fbd5fe3fa0ecbfb8c5ab238d1788d456871fc32bc6ebf9ceff0b9","ssdeep":"1536:xslUqrcE4aaNc4Q4x2fBQ6PpasU2P+/5oseza+yie4yHp:SlUqr5W6PpasU2PQ5oPm+y54yJ","tlshash":"ff33f985b6e6b46403d2a0f0061f084ae23e761da45f54fcfa5ac8e2ac7588d653ff74","size":54831,"data":"","first_seen":"2025-05-12T11:10:13.082523Z","last_seen":"2026-04-12T13:17:29.325398Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/css/chunk-libs.ea078ece.css","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:06.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /static/css/chunk-libs.ea078ece.css HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d9e840-96e4\"\r\nexpires: Mon, 13 Apr 2026 00:46:06 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=99BtmPlwgV9SiJ9XFfsiBhvC61kiIbUHSGW9MU2LWjaUhqU8O%2BNciGKPwnNRCzt9%2BalHoqyDUdwm5xBw8IeNfeFRBQU7VM6O2gbSBqKLXQ9BHI%2BhkfPInY2T%2BQtjL0bXPikB5Mx88HLO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb254fa3b9f56c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38628,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (22707)","md5":"09087ac11e8cf31dbccf1a43b34f7541","sha1":"d998de0a4682f7dc96fce2b0516af6e5dd0746ba","sha256":"58791d5ea3de6ecec9490d54cc6dfde017d8bd3ee7d0af94a6dc816bc6e8901a","sha512":"5ff706735d199007d5a04de1e5c62e707158208ee4dc5a035c61d6c4f1d80a6378485cf319fa4ce49ef049b6f42162619632dcf0d2b2325a62ef57c23a10692b","ssdeep":"384:KEhh6wW89xrDB5OBz0QyxFbmSOxd6GObiu6nOGvYvLDuyF9xNSU0ieUbWDx9NZ5R:ABzHyxFbmSOxd6GObiu7X9WDjNZ5Go","tlshash":"8903ee4ee8572cff0236652d91c052e02f9bfb7bf0e351daf491e58626dd0580369a3a","first_seen":"2023-04-14T21:48:03Z","last_seen":"2026-04-12T13:17:29.340192Z","times_seen":204,"resource_available":false,"data":null}},"time_used":449,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":449,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/chunk-libs.d8d8af9c.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:06.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /static/js/chunk-libs.d8d8af9c.js HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d9e840-8340d\"\r\nexpires: Mon, 13 Apr 2026 00:46:06 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z5tUFUNyPeHLNC0Xde30xa%2Bt9uuMNoo7LtvyTRUzMIlvgbFdIAeNd0Ms9rWZM80M0vx46HM6fWv78bt5Q6tTuzNrtHqqZt%2B9%2BeH3u4a4VaazFJ0vKq5QahfEab6lmy8fHTF5U7rhKMzj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb254fa4ba356c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":537613,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"09402f1eb8ee9a241724dba0e344edd5","sha1":"9a7412b7134cf097cec89a0b903da2dbff959985","sha256":"9cacdfb0197b8fe82514687cdf5c9c0da8d77370eb3ccac2cad5d433a4f96b48","sha512":"06647edfe53d126bec0f072f95b04eb25f1f6b89fb465fec0b316c83fd19c19d71b3270bba421531843684891a81ec506fd06d974dc1e3316856350d1c9ff609","ssdeep":"3072:53XJKfNiQbC9MBVFRGRglcDAbfXhM1x7k5OOxwaVP9Vz5rufOBCPwI7nFJPegzfD:lr1MBEkgx7kQQXlrhCYQWOwB1CoVy4fm","tlshash":"67b4e79cb6d1b0b112e360f5402f160bf277a86df44a94d0e369e8e1acb894e5167f3d","first_seen":"2026-04-12T12:46:36.230399Z","last_seen":"2026-04-12T13:17:29.323502Z","times_seen":2,"resource_available":true,"data":null}},"time_used":927,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":303,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/app.ac8518f7.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:06.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /static/js/app.ac8518f7.js HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d9e840-41d89\"\r\nexpires: Mon, 13 Apr 2026 00:46:06 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9V7dvXAejKEPZMoORdyc7USvdDM2C0OKasysmaUiNOdpCI2vN5uvKGPrefz8p5GNGKIZE2VJhSGamymniD9yMFq6lCZldYELwUM72daVWSQ8v1A2ZP2mK8W7uve6vC1NJoSgIkOBu1tJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb254fa4ba456c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":269705,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65496), with no line terminators","md5":"01c0dd5fa6b7fa70c8ddfe6f77a1c359","sha1":"8a0cb6245afa0f68e0cc8c8fbceb7643cfa6fbb7","sha256":"bce209d8bc0b521c084b7a1bc59ac83d01e5f3bf10eb80ea73faa4e108b013bf","sha512":"17dcbec2f483391d1c4c94f622d75b6266ba4eaebea390caae3181afc0bd4d691747a769a9e785375c54c937ec537e555fdcb5aa4fc886d6ea320d5a87a03945","ssdeep":"3072:mpG4UYhqBdJohrnzVeMbqjEldlPzIfgDPU8H7rVi2w6yj6/:mpG4U0nzVrqjkd9/7rk/8","tlshash":"83445da9b290f1ac4b8f6776613bb565763f30f639990860a178cdc46bb2cc85303d9d","first_seen":"2026-04-12T12:46:36.23333Z","last_seen":"2026-04-12T13:17:29.341829Z","times_seen":2,"resource_available":true,"data":null}},"time_used":781,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/chunk-2d0b6c88.a1ebff84.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:07.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /static/js/chunk-2d0b6c88.a1ebff84.js HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d9e840-d62f\"\r\nexpires: Mon, 13 Apr 2026 00:46:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=loYandwHpE6wWKdbyK4Uo5O%2BhmPR0OogAvIJLpoQ%2BHGOnXxXchTiji8SpI6uLLe%2FYDEStylJTT35QPL1XtpavR%2F0X6MzJtbt70C6XivS3Qqsgp8bq8ImNupu8P6%2BqJkcOAsEKshrTEit\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb255020c6056c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54831,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54827), with no line terminators","md5":"021ba853aba59a5d369cf46591cf0f77","sha1":"0a4150a155903c19ecbe7366b88b4d6406103133","sha256":"1f0bcad94ae94b85db3ca6187ac682f2cad3e1488d04b97ae834fed4ef6635c0","sha512":"01da3eb24a73472eaa62eaa15caed7ac0e9f27b087cbedf7b5e7aaac6e3c5e8422acd100782fbd5fe3fa0ecbfb8c5ab238d1788d456871fc32bc6ebf9ceff0b9","ssdeep":"1536:xslUqrcE4aaNc4Q4x2fBQ6PpasU2P+/5oseza+yie4yHp:SlUqr5W6PpasU2PQ5oPm+y54yJ","tlshash":"ff33f985b6e6b46403d2a0f0061f084ae23e761da45f54fcfa5ac8e2ac7588d653ff74","first_seen":"2025-05-12T11:10:13.082523Z","last_seen":"2026-04-12T13:17:29.325398Z","times_seen":5,"resource_available":true,"data":null}},"time_used":588,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/css/chunk-34eb204a.5c58ac52.css","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:07.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /static/css/chunk-34eb204a.5c58ac52.css HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d9e840-97a\"\r\nexpires: Mon, 13 Apr 2026 00:46:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7adeAKoXBZ9UO6EzGMKpPjNrWyxLFcqQvPkcOfZvqoLhGGCAYfkLBFFDGtrgeWG6v1vxsbt7UON6prLL8oKeAxiGlKIZFhRncA7PoJHf9gBqSIY83k8ZEis4yLMAD8nqalDF1OAe0uQL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb255020c6156c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2426,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2426), with no line terminators","md5":"65a09cdab9c96ea77e87253ec6047e87","sha1":"31b4f11110d961ff22ef38e3d89e6a43395977d4","sha256":"6f3298a122927a782935a097c94ac9d3205fc769c425621066a1d32358d88cc7","sha512":"13fa0b285430b82ab71ae7edc517497e74844a4adc65ebcc09110436472b8e74131dbbf44484f39363347111219965366575ec0246015ad4bf15cedeaa262ad4","ssdeep":"","tlshash":"32411f37122812156013ec946be426c6238df1b3d2504ffa4ea02d16dbeff2648a5b9f","first_seen":"2026-04-12T12:46:36.240112Z","last_seen":"2026-04-12T13:17:29.336572Z","times_seen":2,"resource_available":false,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/platform/CryptoOnchain/favicon.ico?1775859649512","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:08.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /platform/CryptoOnchain/favicon.ico?1775859649512 HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:08 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69d9e840-3ff3e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=whoUM%2FqzCU71CZTkrHwunhsR1UWuhteyGyO80n3Ga6nW%2Btgb82wbbDuzSJEJ3f%2BDxXVOtO70%2BUqFO7Ccjx9hsewUAYjjtVyB1iaBYiHYB%2BnGh3tYI7RNEexnJhonxvBC%2B%2BTILTX625FN\"}]}\r\ncf-ray: 9eb255045c8356c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":261950,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x-8, 32 bits/pixel","md5":"119af05dbb4a13239f09ea62960259f7","sha1":"beaf53bbe3a034f52c4c053da20e917ccfebf0b5","sha256":"081044eeaae97305a65156d1fa2bd515ce12817e4029a893a16d9e44de6fb8b0","sha512":"fa4587dea88e44799adb044ffd41aabe0010227b6488b53438de98da5ed11375e01e19cba7e4e2e58b65443ec1f2d068fdee0619c0f34d98df0a810f62a3b770","ssdeep":"1536:f9HD44F6KfY4GP0yBwSfuyWx8PqpMlZwxM3opw:lj4d4/yGSfHWx8PqpMlZwxiop","tlshash":"6f44e7c3e45567c8fd3a27f5817f2db886477d7a82b4241ca45cb1360eb70821a67e2b","first_seen":"2024-08-19T17:34:46.461918Z","last_seen":"2026-04-12T13:17:29.327262Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1099,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":480,"receive":619,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-12T12:46:05.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 12:46:06 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zgFVnpO0s%2FigUbxGwtXSmhKZsRChVJVZ9ASeaHnRSYswESz3Hcj%2FAtkWzCskvGwrvX%2FdzPKExpmhCrfBA35Mtx4U7Lak1vSiCvavWWCVz91WVORmxidlEreNFgJasDm%2FEc4IJifm7sDj\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9eb254f66c5c5ebd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19741,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (14176)","md5":"75e735db79e7d5c5ecc9203796c39811","sha1":"cce4438a95af583ae7ab889acf0cd9e24a76193f","sha256":"8dd57350f21dd91b7696a25b8185149802254cfd404fa71629fa60232a4604d7","sha512":"7d858cf6cce8396b860a3ad6f8957fb51682bb141b39b3500a34da95827ed2ef0b549b733aeb7d6a9b65eab4c6c2c6fb64e56cf0c82ce72cb81530696e226be2","ssdeep":"384:j/5k6oDFSF3FgFxtDt39UyfqUpugwo4gXbweMzXVBgYo:j/MDFSF3FgFxVt39/ugwo4gXbw9zgYo","tlshash":"a49294f5e7a2f4669613ec17639af71100ab59333831a67973ace1589f90bc8038794f","first_seen":"2026-04-12T12:46:36.246536Z","last_seen":"2026-04-12T13:17:29.333006Z","times_seen":2,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":83,"dns":62,"connect":3,"send":0,"wait":443,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/css/app.f56d9bbf.css","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:06.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /static/css/app.f56d9bbf.css HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d9e840-429b1\"\r\nexpires: Mon, 13 Apr 2026 00:46:06 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9%2BnpLqsTiLMJBATzf%2BjqZMNTTlaIW7gB6oxie4iiVo6spRUKhiEeZh9IeuuJeo2dQsfS1hJngY9%2FZNFB6zBPQkbqyFHhuudLXVjlBw4czwbjobgN6SfSUQa1vZkwS2HEn2V4SFuOMOT7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb254fa3ba056c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":272817,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (64974), with no line terminators","md5":"ac61bfd678305a6f264e66dd84628a97","sha1":"ced4e9d1d7af436340d7b2bdb0d19e29bd9eb2e3","sha256":"bcc24599af49b8b9b9eb5a0edb4ebc2e9266299c9351327514537ced6a64101b","sha512":"cece28b18aeb2ed4a66a81f9f7215b79865725c53ab2d0812882907f29d1313508064b7493fda294e312a92249ceae0b5d64bba2aee206cc8ad26a2ac9be7c41","ssdeep":"1536:ravyngEUt6f49+89+hoz4bv5yqm2gW9cMEutb7OOHiZkW1Yu8e+3SNZ5fhIcau90:BRKwtmnfUubtLSAif9B","tlshash":"d044a6219b572127612bda6d76c0ba895f28c323e4325fbbfe51780dc7d35891263a0f","first_seen":"2026-04-12T12:46:36.248827Z","last_seen":"2026-04-12T13:17:29.334676Z","times_seen":2,"resource_available":false,"data":null}},"time_used":741,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/chunk-elementUI.2a71524e.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:06.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /static/js/chunk-elementUI.2a71524e.js HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d9e840-b7ea7\"\r\nexpires: Mon, 13 Apr 2026 00:46:06 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rXWLGwVk%2FISZHANeKgJRDYYqnKLvY1LbGVt9QyQAC1t9fWpzq4UhzPPnDmiAx7lK4CFp7XcqEHl3X5wIBYw2A3Po1j0K33OxCxwx%2BW9zqQQ69j4dZ5FISlWZZM%2BJN%2FLlWfKX8WCv4%2BL%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb254fa4ba156c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":753319,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65340), with no line terminators","md5":"1e84f8f9eef4d472646c3d17bf2798ae","sha1":"9a964f7bc7fe2c88d7d48cc31ace4f683798ec73","sha256":"4fd4b12be14ed2f7fe645fd7f5b56648797b3906f997e9510b92538f453fcba7","sha512":"824c517b756e6245da0c71dcd3f4bf090026bf0497330df2c762aa038dbee831ad823dcc9f7e96f4a79b84b85f723444827beee03dc0dbecbabffd9b4524f9e5","ssdeep":"6144:EBNId8lURd2Lw7/t+dVbVbmvHdyksFQ9p63Hks75UfbGxgGOC8GsYIMeTfYF0:sauw7VabVbmvdyksOcU8ONTfYF0","tlshash":"ebf41a8d72c5b47147a360b0103f150bb33b2aac6809809cf675d8ea6d79a4d626ff7d","first_seen":"2025-05-12T11:10:13.065685Z","last_seen":"2026-04-12T13:17:29.341061Z","times_seen":5,"resource_available":true,"data":null}},"time_used":902,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":304,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/static/js/chunk-34eb204a.5344cd14.js","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:07.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /static/js/chunk-34eb204a.5344cd14.js HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Apr 2026 06:20:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d9e840-1728\"\r\nexpires: Mon, 13 Apr 2026 00:46:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8EWFu3bAPW3b%2FHcvx%2BQKLPDmF%2F%2F2tMv7Gi5wsJ0kCQSexteQmujpc1ldf8eic7LVyaxOi99JBTofUFzGrFoGwXHTjyluqEg3SiuTayOHcv7EZ1z54%2Fc61rBhNJluu6Q20aNxY1owI3yo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb255020c6256c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5928,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5806), with no line terminators","md5":"d70ce9e48c8a9486b1f3002295372b84","sha1":"4f07b12b34b3a025e3a686a9f3f133905808714e","sha256":"60328289bf7bffdd54fb8b87fd9778684737dbbcb88b9b0684ef435c91c4d327","sha512":"82b04ccdbce190604022850ccbe2965bd423faadab0ad1a9f4a24689889b9c69a4670d20a4e61b5e51422284259b18cf154502e231aa8378d1c482212969093c","ssdeep":"96:uVtiy4ZeDM+7z01jKnpGUEGfDnEnN2hM3FO4Smt+NTK76MxUgSqUqxxUDqUwP/X4:itiYT741jKkUZWFOTmteMnn+6vvkb","tlshash":"90c1f92954ceec493a07d229511b0053501f9c788226ca98ef31c9fade9ef9d362677f","first_seen":"2026-04-12T12:46:36.253566Z","last_seen":"2026-04-12T13:17:29.338568Z","times_seen":2,"resource_available":true,"data":null}},"time_used":452,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":452,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/api/common/getAllSetting","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:08.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://crypto-onchainmax.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:09 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://crypto-onchainmax.cyou\r\naccess-control-allow-credentials: true\r\nset-cookie: JSESSIONID=AEF8AC1066EF8A971765A58FE23A4782; Path=/; HttpOnly\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kpiRIFfrjuBq%2B%2FkHj2CXIw4jA3hGlybZ4%2Fi79qk0pZ9JwrnpAc6fFYKIvOv2eZwDcjerr95bz5lDegGIumKmrnejzX3zudTdvKvJzjafvzZbKnuLxZW4GKZbEV3MdJh0OpmDM7B%2BOiMZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb255060c9356c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":102,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"21a4299321578d77d8faef1164eeab2d","sha1":"75c7c4003f8aeff968abc13971e4d890f008207b","sha256":"7a2c7f91c3b5775b8c510b04017f8d1f1e88279babf73c02a5e5f6cdaa763f6f","sha512":"6a91b0968540c0f7953a1464527047468ca2cf33736a41ee9a9d2b10e6317a5d53e4660d862f83e50fb1b392115d2ca58438590e26922559bd2290037f9d41d8","ssdeep":"","tlshash":"d2b0127c2f2c53aa68c211d1c20e1300223031103520f34cc844d13c60cf0972c249c6","first_seen":"2026-03-10T12:08:03.155625Z","last_seen":"2026-04-12T13:17:29.328584Z","times_seen":6,"resource_available":false,"data":null}},"time_used":906,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":906,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crypto-onchainmax.cyou/api/captchaImage?timestap=1775997968289","fqdn":"crypto-onchainmax.cyou","domain":"crypto-onchainmax.cyou","tld":"cyou"},"ip":{"addr":"172.67.183.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://crypto-onchainmax.cyou/","date":"2026-04-12T12:46:08.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-onchainmax.cyou","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 18:47:44 GMT","end":"Thu, 09 Jul 2026 18:47:43 GMT"},"fingerprint":{"sha1":"78:C0:22:3C:9D:9E:E3:89:FE:AF:03:B3:36:C8:32:7E:AA:5A:AE:7C","sha256":"ED:82:A6:CC:EB:FB:96:C9:46:64:B3:BD:E9:07:26:49:8C:56:CE:0C:1E:F9:B7:6B:45:10:5B:F6:74:CD:0E:EA"}}},"request":{"raw":"GET /api/captchaImage?timestap=1775997968289 HTTP/1.1\r\nHost: crypto-onchainmax.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nisToken: false\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Apr 2026 12:46:09 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nset-cookie: JSESSIONID=69321DFE64421108A077CD0A17ED0386; Path=/; HttpOnly\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BJQB6uf7SFgh%2B93hP1VqPYqTJd4n7847Fjs4qXoqy4nmhWh7o%2B9SwJ4MWnjTRytz28AFZfD1QZprI9bB4YdrKN2ViT5YuPF1YJaDSa5WSnUdHXuakoCZipzgnBJwR%2FS3cVn0RGSYLmbR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9eb255060c9456c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":4210,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f6d48d9e1d9d660300ecde04bcf5724b","sha1":"f1da8efc952c5e1dd6448c9822a2e32ca48c92cb","sha256":"53aa80ff39dc2dc02068eadff2f4d3da2952874b045bbdd672ccca89993a4180","sha512":"60194156fba5d7586caf4e8d7988c76bc3a953c73b106c59c49917d483a430aea11872ead26daf055aabb95d41d03827bb8aa3e16741382b8346f706576d662b","ssdeep":"96:ud3DwAnwYV7t2tAbbP0fKqKs6qBCEQCl15ld8qPxeW:uJDNnw08eU+ZC35ldPp3","tlshash":"3d916db83f8571cadd4aec15cd8639858cbc027b127509e45da909b620f0485e3b5b1f","first_seen":"2026-04-12T12:46:36.257417Z","last_seen":"2026-04-12T12:46:36.257417Z","times_seen":1,"resource_available":false,"data":null}},"time_used":943,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":943,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"crypto-onchainmax.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}