{"report_id":"98665c1c-3026-490c-9403-4f5f91d74225","version":0,"status":"done","tags":[],"date":"2026-06-11T00:44:03Z","url":{"schema":"http","addr":"kuc.fmr-max789.com","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"172.67.181.37","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"title":"KUCOIN","dom":{"size":18616,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (12175)","md5":"d2421d6385173959ea03aa66d69434e6","sha1":"8cd90129cd7fe06335f58e23c61c761c948797fe","sha256":"2ec8944a483ce5e6a932cdd7256ce4932f8bcbf63e0ce5b2b59fd7bf6c5a79c5","sha512":"38f7e56240909d121fed5a384994b34f1a9da7882d591d9784a2d477f9c9e41140d32df6b48cfae7027e014f5456c074da00110d8995172eaacf0ddce9b6c743","ssdeep":"192:eLx731PtydIPdZCxf+2nfOqbqqc63argiQkF11rOVmmVXdB1XYKYpfI:wU6FZCxW2y63arw4hOVmmV9IXpA","tlshash":"8c824230a66904b70373c9c4e1717f2e3a62e30fd40a88457bad85d44fd7eb5f8aa661","dom_hash":"domhashacd2c4202669dd1091e01435f576c9a7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kuc.fmr-max789.com","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"172.67.181.37","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T00:44:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"coinmm.oss-ap-northeast-1.aliyuncs.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2024-12-20T23:51:24.400828Z","last_seen":"2026-06-06T23:47:40.882807Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":1135,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kuc.fmr-max789.com","ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-25","domain_rank":0,"first_seen":"2026-05-26T07:58:48.409667Z","last_seen":"2026-06-06T23:47:40.843675Z","alert_count":96,"request_count":24,"received_data":8110452,"sent_data":11644,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"h5-api.xda999.top","ip":{"addr":"104.21.2.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-18","domain_rank":0,"first_seen":"2025-11-14T03:02:34.0856Z","last_seen":"2026-06-06T23:47:40.801486Z","alert_count":0,"request_count":6,"received_data":5384,"sent_data":3407,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7e98f35f23795ecb1a944bbefa9e40a7","sha1":"9f6826623e1d677abe50f4755523c8986d229bc3","sha256":"2f34fa8f7eea8ee00070214da3db09639f6d9b89111c8ca090fcf04954be6ed3","sha512":"7cf3f08fbd52f6a4f645721a24b3d1cabfe28d13473087fb0a98eb47438edcfe9fec95d4b4ee73b2f4199e8f896e8f161d1a10175c400ee88e1d2d030dfd17da","ssdeep":"","tlshash":"8ec08cc4b0c26e002602691415af28e4a024402671481b038ce4d8582e220b08233e9c","size":138,"data":"","first_seen":"2023-05-05T08:00:34Z","last_seen":"2026-06-11T01:44:15.94672Z","times_seen":472,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a4bdcb8203f55c2a0d42fe2daeba7f94","sha1":"28d4fb637c1f7d7cfc979d90f4f388d62eb58a51","sha256":"386fe5926fc7fa712f45c79142ec5390c9082ce14bd96a609004647fb1f4d823","sha512":"09dd6e53cd308472025baff2f600acd0b5be74b4d557bf48d7402cf6147449fa01db100adc90a5ea3930e80b42a5a2a1782265620c3f940cc93f60e873363d5e","ssdeep":"","tlshash":"c6c08cc8a1c33d001602661060bf35e4a0288026714c5b128cd4e8492f230b88237e98","size":145,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-06-11T01:44:15.940208Z","times_seen":707,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"b72555cc3995b28c3a9cd6af7d203d6b","sha1":"c7811800aac62124fb6205ed09e9ad00d009932e","sha256":"b0b1305e4ae51864efeaea0954858a7786ef34d87e63ca3f6e73ee404ddf042b","sha512":"9a509162867591cc7e40a96b83a21422b49af3732255389d7ef90cd9f8a32675f0fe22f9085d447c4dd1b864175c086a3617ef1d524397e583f1a8c2ad33d653","ssdeep":"","tlshash":"f9c08cc4a0c32e209a02b45025af34e890244827708c6f13cc94dc882e624b4a237e98","size":151,"data":"","first_seen":"2025-11-14T03:02:44.472269Z","last_seen":"2026-06-11T01:44:15.944947Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"18a8a5cf120f99d44787dad461e56cf2","sha1":"d7b76e5a9b616cb6e0566197e89f209b2d1851a9","sha256":"9ba467f44d9843c5cd570a44dc37276725a0296fe556126321d929c546ecb6ab","sha512":"7723d777915656bb708fb62a06e75aae693cf249323aca31011c0acde3251738c747acbdd5085f11febadc048117ba327487e56fd90dd784e3d8c23c9fda846c","ssdeep":"","tlshash":"f5c08cc8a0c32d101b126921a2bf35f4a0344466744c2b42acd4e85d2e630b4923be98","size":155,"data":"","first_seen":"2025-11-14T03:02:44.47686Z","last_seen":"2026-06-11T01:44:15.943592Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/assets/index-D3-4-5Wa.js","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7867c8aa6598b6dd9f635501687f7c5","sha1":"3c628a5195f75945c07d584dc8a2e4e133ff7d22","sha256":"30dec582a931f1778e978c606b81d0593d1856e8cd0a5e1300c7f1725ace0ce4","sha512":"17bf1e1ddfddb0878f09ac218b59f54be5a120ee663443b8c57ce700f937e1cb3de4dadedcfd56964ecccf90a5dfdf60a90f217ef74a65e848aec0c18787e382","ssdeep":"6144:HcZhfZGShi9WIoPzHjGyUKaD28ivg7v2uXnlMcsaEanAci:HcZhfZGcfPzHbCv2uXnlTsaEanAci","tlshash":"2ed40985f846da7febb754d9109a0400610c7fc6f008c4a2b5fd9e4a3f5aeb4726ab35","size":614255,"data":"","first_seen":"2026-03-21T04:55:00.308874Z","last_seen":"2026-06-11T01:44:15.911058Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"434cd8966623895de3f00b48ae425fb0","sha1":"5c0d3cb0fb3357ac88d296e2a2fc140e2508f920","sha256":"7ef2c7f9ea36d96f00403aa3afec3152ea82f81c3a89ee0d128bd34cf36c77a2","sha512":"b642499bbf963488be7efb1ee328a9a5d5f71ff546c57f6e95d4432943ccb846931745727b31012cd05cf3351083bbd9481d019c6f6b9b4e7f9c06af41d1b4c6","ssdeep":"","tlshash":"8ec012c9f08b6d016a466514756f24f85425406a74491b129d98d8893b630f59237e98","size":175,"data":"","first_seen":"2025-11-14T03:02:44.46877Z","last_seen":"2026-06-11T01:44:15.948401Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"6900701ff959494d30437499abeb8885","sha1":"7cb4c820fbf30caa6b50d6c2dc4aa7c0c4b644d8","sha256":"3be52a71ee1e4d668cceef779a9942298cef4d68e03183d10681c4aa945c83f5","sha512":"731bc35b44d92adfda91474163cba7cbfe8ebb8faeb76364becb6a0f87c8d62c68a560257759546c0c38da3d0ea220cbee60eed126f77194441f92786231135b","ssdeep":"","tlshash":"b5c08cc4a0c22d101642645420af26e4a028802a70485b128c94d8482e620b48233ea8","size":138,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-11T07:18:03.26317Z","times_seen":6577,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"43a144a646cd1c3aa47c6e97b8997f16","sha1":"751520d68e01030d76aaa27829bee42de57b33ae","sha256":"7400aff6408f23b72deadda0905ff4dc8eb4af368f7e8026063918149826a7d6","sha512":"85eff0527e8a86cde19b0e67070c8f71528670484865bafb4b88ee54f83b48f575275ed10cf343f0c84d4c0a425f6632b5b1bdfdfbfd75c6702ee856d28f512f","ssdeep":"","tlshash":"14c08cc8a0c22d101a02681414af24e49028442774481b068cd4e8882e230b08233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-11T08:51:27.986521Z","times_seen":4133,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d98acc1019303c876db914a972334937","sha1":"73807338e5295d0e4a62fbf19a5258d5cc93e72c","sha256":"864aa8328e7915cfbea7a8773cd622fbf24494c9b6019a076bef6e3f795e7d9d","sha512":"77d7c9975e811e66a77b15f141c84b12ae3aa0f991d15d2864c3c3ce082e0da5f4154d93424ae8580ebd93a1c7231752fbf22ef82ce7a01d997287d2d854d1af","ssdeep":"","tlshash":"e6c08cc8a0c32d001a13642210ff34e4d03440a6b44d1f028dd4e8493e624b09333edc","size":150,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-06-11T01:44:15.943069Z","times_seen":531,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4865cadf4d4adfec558ced7ffa3c8002","sha1":"268d46883e9a93d8e3e3d84eecb3db702aea4ce0","sha256":"6dcf0da07dea2ce982c6900f58822a8359aa174e8849ce8b78d224ddd1778662","sha512":"925595c968682c9f0402fd8a9c843c8566be61000ab7ee3a1c7317df511e64fed01663aaf88b2cd2bd058d03131619aa9bee3306219d8fe29edcc1bd3d99fd3f","ssdeep":"","tlshash":"7111abfe1a1a71296303804e976b7911742290ad000a1452738c9a9dabaaf6dd0cbb8d","size":1050,"data":"","first_seen":"2026-06-11T00:37:47.563579Z","last_seen":"2026-06-11T01:44:15.935038Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-11T12:42:16.424805Z","times_seen":36674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-11T12:42:16.425478Z","times_seen":38934,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/charting_library/charting_library.min.js","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","size":10859,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-11T01:44:15.917707Z","times_seen":1015,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/assets/en-CoWTwYvP.js","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"da002a96a922b26495dec0ebe95a015e","sha1":"c4fe9886731937002ade75023b2a10f066bf3636","sha256":"9b4381e7f76fb524c0299bab14b924c850c520f406f5f5dd5e75500b5600389b","sha512":"b88d3fd11efbaca05b2424e6de53ce7ebfa9ae7641fab674270ca6e7bc42bc48fdeac4119f5b480c466ed34d6a254495032039615fdf8b5bfe5cd0221112cc39","ssdeep":"768:KGtZcEw/o7roOCCFsiFnAM+EWUAaAM9BoP6+ss0HPxJ2KRe6garFH4nqHYl5Iu2:uponoOCgp0EWUd9B9s0HPx8MMatiqU5S","tlshash":"d5430b4dbe261c6a05e3533a7cce3a2411f905c38758880f5eec89bc53e1ba66777728","size":60281,"data":"","first_seen":"2025-11-14T03:02:44.443461Z","last_seen":"2026-06-11T01:44:15.928571Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ae5feb6b24c441290a3e2d782714500c","sha1":"2f0f1a1e911bf75ed1217b538e4a41afd94aed58","sha256":"ee88f74f487bf19830b06b424270a9c6d0b26992053f08e17de46f6eb598c13a","sha512":"8b41430a7c1c3b8a1ab8f39ca982550d4c7161ee8526359c7ce0a765db90cc3e9582f182be1761a3ce305ec6fbc0cf224790335bd3f4fc92fa6c046fd2c6a8ab","ssdeep":"","tlshash":"90c08cc8a0c27e501602aa1020bf25e4a034482b71481ba3dce4e95a2e360b08233edc","size":153,"data":"","first_seen":"2025-11-14T03:02:44.465012Z","last_seen":"2026-06-11T01:44:15.941732Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7d6ae974c12d5cb8c309072ecaea3469","sha1":"85f0b3a6e7d7d2a29a8fb25a64bcd731264ab3ea","sha256":"7f6f93d42ac932667e3f5f998c04edb45861c9c83305046e7049947d062c0a36","sha512":"79acd33c2cd65d38a5971fe25e15d1fd8203ca90ddea21c6d56f67cd4b1fe6a20d31c7b2a5ccf739933b14de8520501bb99375bb476aa799bde817b58aa2c95f","ssdeep":"","tlshash":"08c08cc8b0c36e102686681014bf2ce490244426b44c5b478de4e8492e620f48233e9c","size":149,"data":"","first_seen":"2023-11-22T06:47:57Z","last_seen":"2026-06-11T01:44:15.93788Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"207820ea30e8c69ce04100e8526ac9b2","sha1":"289c2ffded67dd3ddfa4bfbbba56b6f8043610a9","sha256":"1fd71a67efe14f91b321e3f476ef6de1ac2329e77f5720cd37ae6589fb074b69","sha512":"d1237fe7e4dbcbfe699ee7e9b4b30d9963a1919d1451c928aa9af64326dfb7a7d43f8bde094fdd4dab7a65a070422f6904cdea73eaac2fb4225f0bb1c8d6df5e","ssdeep":"","tlshash":"30c08cc5b0c36e10261ba85050ef34e490248027b04c1b038da4e8892e630f08237e98","size":148,"data":"","first_seen":"2024-01-21T00:00:16Z","last_seen":"2026-06-11T01:44:15.945619Z","times_seen":418,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7d6ae974c12d5cb8c309072ecaea3469","sha1":"85f0b3a6e7d7d2a29a8fb25a64bcd731264ab3ea","sha256":"7f6f93d42ac932667e3f5f998c04edb45861c9c83305046e7049947d062c0a36","sha512":"79acd33c2cd65d38a5971fe25e15d1fd8203ca90ddea21c6d56f67cd4b1fe6a20d31c7b2a5ccf739933b14de8520501bb99375bb476aa799bde817b58aa2c95f","ssdeep":"","tlshash":"08c08cc8b0c36e102686681014bf2ce490244426b44c5b478de4e8492e620f48233e9c","size":149,"data":"","first_seen":"2023-11-22T06:47:57Z","last_seen":"2026-06-11T01:44:15.93788Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-06-11T01:44:15.938528Z","times_seen":1020,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4865cadf4d4adfec558ced7ffa3c8002","sha1":"268d46883e9a93d8e3e3d84eecb3db702aea4ce0","sha256":"6dcf0da07dea2ce982c6900f58822a8359aa174e8849ce8b78d224ddd1778662","sha512":"925595c968682c9f0402fd8a9c843c8566be61000ab7ee3a1c7317df511e64fed01663aaf88b2cd2bd058d03131619aa9bee3306219d8fe29edcc1bd3d99fd3f","ssdeep":"","tlshash":"7111abfe1a1a71296303804e976b7911742290ad000a1452738c9a9dabaaf6dd0cbb8d","size":1050,"data":"","first_seen":"2026-06-11T00:37:47.563579Z","last_seen":"2026-06-11T01:44:15.935038Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-11T12:42:16.424805Z","times_seen":36674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-11T12:42:16.425478Z","times_seen":38934,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4865cadf4d4adfec558ced7ffa3c8002","sha1":"268d46883e9a93d8e3e3d84eecb3db702aea4ce0","sha256":"6dcf0da07dea2ce982c6900f58822a8359aa174e8849ce8b78d224ddd1778662","sha512":"925595c968682c9f0402fd8a9c843c8566be61000ab7ee3a1c7317df511e64fed01663aaf88b2cd2bd058d03131619aa9bee3306219d8fe29edcc1bd3d99fd3f","ssdeep":"","tlshash":"7111abfe1a1a71296303804e976b7911742290ad000a1452738c9a9dabaaf6dd0cbb8d","size":1050,"data":"","first_seen":"2026-06-11T00:37:47.563579Z","last_seen":"2026-06-11T01:44:15.935038Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-11T12:42:16.424805Z","times_seen":36674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-11T12:42:16.425478Z","times_seen":38934,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"eb4e75b41d6a1e03321e98b2675dd8d7","sha1":"30f21c5746f02c5f8a449c18668cf07f386b2682","sha256":"197dc2cfa5ebb2744820a627ac978b78a26898870875e564e7e6d0734818ba98","sha512":"ed95c13d775c26d9d1cabce2ab4c10ceece5f2a4a65e5805340bcfa632802287c0a2068cbb29d2b84cdcbf162162f047c000d629f6c249246ddf80b1d07a0e55","ssdeep":"","tlshash":"99c08cc8b0c23d10160a651125ef34e4a0384036704c2b17dc94dc683f620b08277e98","size":153,"data":"","first_seen":"2025-11-14T03:02:44.474119Z","last_seen":"2026-06-11T01:44:15.949521Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-06-11T01:44:15.939102Z","times_seen":901,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"13c955790620068752fc1cd1ac047dd3","sha1":"d1cbe0a63074120763202d2fdfcd7dbd168516d8","sha256":"3436d302f5f6e03e10d26ec136974848596075d9bb7fedac20f024787b2c30dd","sha512":"71027f52a4015663fd3ba37aac5cf464597fc0907c05c7f84918783074e6f27873a09d53309b4c2389df2f5cb25323129e3dd1beee2c90508ec919309eaa517e","ssdeep":"","tlshash":"c0c08cc5a0c33e006602641110ef24e49028442670886b428c98d8482e220b48233e9c","size":146,"data":"","first_seen":"2025-07-07T10:44:34.073206Z","last_seen":"2026-06-11T01:44:15.944178Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/ac-chat.js?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"feb7f4a791fccac98a019806df998fde","sha1":"063928180a3b55ef727b1464e19064f03bd718f7","sha256":"9eb06b3d8afb186486652f21cff591d47cba5a82ddc0f293bdd2a32263240936","sha512":"b26bf347b5d2838b9736bbefc0bb9476254f263f17e99aa35982a0f32d61805fb5c48e8a0582db95aaed51b2502dca99ea34a71d7a1cc3a94b829c4d8992a0ae","ssdeep":"","tlshash":"ad419bab43294614c17a13b3ad4b5194fa32a03faf46003879fc5094afb6a7550b1ffd","size":2391,"data":"","first_seen":"2024-12-20T23:51:30.333323Z","last_seen":"2026-06-11T01:44:15.932566Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"589137b59f683ea2d78246d284cb0796","sha1":"c81a0732d797fb35102bff82259fe48380a39754","sha256":"85dd0af297391a8c31af022d5fe612f18f1ae57d864a79931f19d9fe006f99f4","sha512":"1750e49b2f433bda48c26a51369aca925e18fc4f9a0b05bd6f3488974ac7fe9059981e09b76ed030b172035d3718739f8a4e809eed0c6fad7c1554717b9f9738","ssdeep":"","tlshash":"35c08cc4b0c36e101606665021af28e490249026704c1b038d98e8492e620f08233ed8","size":148,"data":"","first_seen":"2025-11-14T03:02:44.46065Z","last_seen":"2026-06-11T01:44:15.937231Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-11T07:00:08.265252Z","times_seen":5684,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"afd6dadb9533533d8514ac548303e331","sha1":"0b297795e161099658da59b3912482e86732e56d","sha256":"e378d3c8bb137aed4116bdd0c560231896d500f4edbb80088c14fd8fb220c3a9","sha512":"0df2fd8eb6e505ad35fff7e135feb15d50d1ae87d9990d9fa472fb834b7baf48ca73b3e8850042c74584e60de2daa8b9a4a981e5bef460ab48ad5f8ddb5d03e6","ssdeep":"","tlshash":"6cc08cc4a0c22d101602661014bf29e59024802671881b42cc94e8882e220f08233e98","size":140,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-06-11T01:44:15.947883Z","times_seen":889,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"cb64f94097307a2fbaa5805f2b1fe8f0","sha1":"7c03403d2fbab163596889da4be720d87e19e64f","sha256":"877614d99573c405a6cfad337e01fe0e68f18e8455bc75eff280f9b6644d3167","sha512":"503ef4542e64da3c0fb5017b16f072f859e3a5c32069d3d44c8a595a129af2ff9378b1c6134d814832ce4307f8d60565bd7a2ca2aa7b391b09b13c115c77a79d","ssdeep":"","tlshash":"b9c080c5b0c37d216601655555af28e49134551675481717cc9cdc453f274f0a237f98","size":169,"data":"","first_seen":"2025-08-13T22:50:23.288315Z","last_seen":"2026-06-11T00:44:12.551053Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/assets/vendor-CCyySU3U.js","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2225a0483e69c7bae65e0657b35ce56","sha1":"b1d413ff82aa24f87fd2f36737b06782ec5cead1","sha256":"a9fb25d9b628d96c24badf203c1c75110d558cb5958c7d64e1078a0a51f652b9","sha512":"f3419226e9ca1cd48e0beaa97b4669d1cc2b6e340f128c30f93a00c397369454c17f34b74ce783ff9366bc58d2c2a6f67c85e9aeada56ed92ff9c216293cd63f","ssdeep":"49152:MaEUDmr8eyx9pVUU4mv/qmhYuSoJ2hMe4uljrgAJ0CQoL0hTRtlCI3W2QWQY/hsr:uvTjSyCbA","tlshash":"2b369eb5735270a547ab2091107f090be33a290e74478598fa9ddcda7c7d84aa27bb3c","size":5224925,"data":"","first_seen":"2026-03-21T04:55:00.365442Z","last_seen":"2026-06-11T01:44:15.941206Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1cc5b80561ae0df97e18b2b1a597f0bb","sha1":"f8757b04d3b01df3981899d0e5a443dc2b8dd609","sha256":"426b328ced6298131326ba0fa13b5b16815e5ee382bcac52f194c359ddeff8ee","sha512":"8d373ba518768ee3051338a36104746bb022b760a8521c4626602573f23e992c14f31783acfe08e3d7d4f7905d13d03d45c555a57c064a2d5eb6e51dad3690c8","ssdeep":"","tlshash":"7fc08cc4b0d22d402602681064af24e4a024802670481b428c95e8482e270b0d233e98","size":139,"data":"","first_seen":"2024-08-19T18:27:42.851433Z","last_seen":"2026-06-11T01:44:15.942497Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/#/home","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-06-11T06:47:32.311674Z","times_seen":3534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/tabbar/home-active.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.955Z","timestamp":1781138635955,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/tabbar/home-active.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-508\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u6XeJsPrleYR5KVddNzF3BwqJXn%2B9ej%2FQT4FNRxRiwB9%2Bxfdb8mmBGXD7CabD92nieCDn2VHkV%2FKl%2F6jjT1dR67csx8C4ybg3TLwOuEFxfmBPbxZm295i5QAaQQ1JmUHcWhjZk8%3D\"}]}\r\ncf-ray: a09c959abbe8723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1288,"size_decoded":1433,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1091551913c4928ac9e36f3e2c52c5de","sha1":"40b1c3a75ca54f30423a3ca8326dc72097748334","sha256":"1ae34b12bafdcb55734a80bb191e5bf4106f73984e55b6e22913f4a35088293c","sha512":"ae42c74958710b4f6be60869ce61151ac9661e34cddb77d89ec3f2d31d5ecdb4ce045cdc73504cabfb8a7d5787d7a2743d9e20260412b5e3eb990722f1c95c1b","ssdeep":"","tlshash":"972132f686d8eda9910ecbf5990927b3715a6ab75aadc300c560ff1f34302e55ccc491","first_seen":"2026-03-21T04:55:00.324465Z","last_seen":"2026-06-11T01:44:15.931018Z","times_seen":7,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h5-api.xda999.top/api/user/getCountryCode","fqdn":"h5-api.xda999.top","domain":"xda999.top","tld":"top"},"ip":{"addr":"104.21.2.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:56.005Z","timestamp":1781138636005,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xda999.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Apr 2026 18:11:29 GMT","end":"Sun, 12 Jul 2026 19:09:00 GMT"},"fingerprint":{"sha1":"61:9B:94:BB:03:C1:62:E1:A2:AC:E1:AD:5F:06:16:3A:8B:C1:A2:DE","sha256":"7C:9F:6E:0C:4F:EC:EE:52:82:9B:61:F9:DA:FE:30:F1:C4:DB:3C:B9:A8:93:F3:F2:78:7A:A3:FA:9A:84:79:13"}}},"request":{"raw":"OPTIONS /api/user/getCountryCode HTTP/1.1\r\nHost: h5-api.xda999.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://kuc.fmr-max789.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:56 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://kuc.fmr-max789.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qnnTPhg186fPqD2i9ZhOFDVRTVx9OehyTqAhzruMq0od7C3W7Lba%2FjCf37Q6yXxCTHgUSkxQ9cZ2BuoOe3iAbk35dUrEczw6Rb7NTt6Ni4HgBJRCt5qrns45fN2CpXUON1TM0g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a09c959b0e1db1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":894,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T12:58:54.521546Z","times_seen":16327794,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/noyet.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:56.014Z","timestamp":1781138636014,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/noyet.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-1595\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3xLfhyA2nhaZhadDv0iBTGzHIp%2Be2T5oc7IzhKsKYgKzjI8I2C6OmyHrcbxhrHmkbq9NZdF8CffqbEpIsaf6eILSz0avO6Jdisk%2FTMSgAlsil7iguEumHqMhb1Z%2FFmq713ep1Ys%3D\"}]}\r\ncf-ray: a09c959b1bf2723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5525,"size_decoded":3433,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"77ee7f00b779f93376047e43077b3ad4","sha1":"3130c3c6e720d86c613ac9151d146a29d8ab6e51","sha256":"c0b807228e2449c1a0b454c78331f2f63a516874c66226b066cb5d9da4949b13","sha512":"32bc1facbf8eac5f4aa5aab481d1e2922183b853a2fc390fc1c49224eac8b2cb6890f35aa76e6a91ea0302c287249c99761717cfe7430c9db920cdd2d63f85ee","ssdeep":"96:OQkOPsmqCbdjjdILwwY+f+y8PzPb3tfGng+woY2SZObr2IFEPSvNvC:OZOG6HduwwBfB8fMngB+SZObxISv5C","tlshash":"6db1d7dc3b6893f0d187abb5c929392c391f78fa7eb04088c2651a197c190f8cd5dca6","first_seen":"2026-06-11T00:44:12.509723Z","last_seen":"2026-06-11T00:44:12.509723Z","times_seen":1,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/assets/en-CoWTwYvP.js","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:49.302Z","timestamp":1781138629302,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /assets/en-CoWTwYvP.js HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 12 Jan 2026 09:08:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6964ba0c-eb7b\"\r\nexpires: Thu, 11 Jun 2026 12:37:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 393\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Na7yTiijEK15NhtbPhnH4sNVlnWFbR%2FldDX%2FPHU6xoVfQbppE6ngGD60Eniq4hplRy0TnfJBJINqQawkHdV8F4U7en3HFvdzGYv3Hgq0okE7HRR%2FkhCncp%2BQvJ%2BbmJ5Qd7YYdBI%3D\"}]}\r\ncf-ray: a09c95712a62723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60283,"size_decoded":22190,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (60254)","md5":"da002a96a922b26495dec0ebe95a015e","sha1":"c4fe9886731937002ade75023b2a10f066bf3636","sha256":"9b4381e7f76fb524c0299bab14b924c850c520f406f5f5dd5e75500b5600389b","sha512":"b88d3fd11efbaca05b2424e6de53ce7ebfa9ae7641fab674270ca6e7bc42bc48fdeac4119f5b480c466ed34d6a254495032039615fdf8b5bfe5cd0221112cc39","ssdeep":"768:KGtZcEw/o7roOCCFsiFnAM+EWUAaAM9BoP6+ss0HPxJ2KRe6garFH4nqHYl5Iu2:uponoOCgp0EWUd9B9s0HPx8MMatiqU5S","tlshash":"d5430b4dbe261c6a05e3533a7cce3a2411f905c38758880f5eec89bc53e1ba66777728","first_seen":"2025-11-14T03:02:44.443461Z","last_seen":"2026-06-11T01:44:15.928571Z","times_seen":8,"resource_available":true,"data":null}},"time_used":6499,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6497,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/tabbar/market.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.960Z","timestamp":1781138635960,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/tabbar/market.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-619\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=viiAatPKFBnUcemNSq0RC7%2F61i8tOYlKvOybeASZmK7xZP6zHYw%2FOEzB64nfDNpZdfdmdhY2vG1LZW952yFRlCI5F50t8uCjDU7LY5kooo7nVOgUc%2BhP1IRVQO8Dy40K%2BKYOdh4%3D\"}]}\r\ncf-ray: a09c959acbe9723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1561,"size_decoded":1377,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2ac9938eebf36b65c9071543eb254ad8","sha1":"eaa86638c3294f47ff722ec26ceae3065c3332d6","sha256":"268c42d8145cd1f5aabb907fec2e73cc11a775928b70e6c28311d8647fcfd6fd","sha512":"b0d69b96d50eb40f2e5381abd620c505304c1ed2467b1504f630e475d960043ae9e914206fa06585aea40f9ebc6004ae5e63b4400288f1b92f40c6121f2cbcb4","ssdeep":"","tlshash":"043178b147d647a580bde3bb65e6110e734703e47f02cc58527faab9e4682ae13c9c8d","first_seen":"2026-03-21T04:55:00.322058Z","last_seen":"2026-06-11T01:44:15.925681Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/tabbar/now.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.966Z","timestamp":1781138635966,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/tabbar/now.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-544\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BZfYZ471lurGk0offPBg3yM%2BFSnzXfz18O8mtWPhpeHDA1Bx2%2BkZZewBtXuYRahn2g6UxyOCtq2DNm6eTIfNgDIwctrpo0RkFDYX1qzzTmwLSszn6CDPuLOjfsVv%2Fd6v5KIe4D8%3D\"}]}\r\ncf-ray: a09c959acbec723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1348,"size_decoded":1406,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5f35e34f4f57c75b33a17c0466de7e77","sha1":"9527d35169e20da80f992957426fd64e9d0f8271","sha256":"2faa41b06be3440467617baa6f59595dd1defad891a17d70139e869405180118","sha512":"f86f35af52607f847671e6c525066655b721cc3bb983df4397b6dbdc1036d1c8298834974f58a5726539ea60c9488cffce9643375a6cb543fe11679cfd9f4912","ssdeep":"","tlshash":"ff2141f161fe6dc0951ee3a1b9e0663ef20d37b1731ac54013191f15e5b60be0a0dc08","first_seen":"2026-03-21T04:55:00.354351Z","last_seen":"2026-06-11T01:44:15.922189Z","times_seen":7,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/assets/vendor-DCDpCA7X.css","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:38.430Z","timestamp":1781138618430,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /assets/vendor-DCDpCA7X.css HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 12 Jan 2026 09:08:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6964ba0c-1fa2a\"\r\nexpires: Thu, 11 Jun 2026 12:37:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 386\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=juoJfJVwcChtRJuj16TVoLIsUlUXnogmDhAiipeIWjzT2qGHI%2BaaXNcY7O1Q%2BbEMYvMo2TQLnwxglCsWqprmWhseHq1WpHOCcOK4Js24iq5cnN7ui%2BbDp7POUdhR%2B3WowNDUGyU%3D\"}]}\r\ncf-ray: a09c952d3e40723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":129578,"size_decoded":47208,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"d3051c758bd59c9418f23e63d9835b4c","sha1":"bd923d27eadbe1b73ecaba4ad40fb394768a70e3","sha256":"337dbdb5eb63d19adaf18dd12da9988b5f192c68c9a168d81ed442b77838353d","sha512":"cd069da3876246865ace6856d5bb3df7c6205ed771ac5d041c0f3a167ac2a85d4c2ad3e8f67494eb0477f874350c037f3eeda37f5c698587a36826f0ebe99967","ssdeep":"1536:BtIyNBi3MFYaQj7FCwsBlDOFIxuVox8DbVUVEIG1Ah5aIzM:BnNIClDsIxuVS8f0tC","tlshash":"6dc3e6a5e5c491bc6f2bf265ab8766d8f23cf661cd01daa4f105505c0fc7bf50223a2a","first_seen":"2026-03-21T04:55:00.297313Z","last_seen":"2026-06-11T01:44:15.92162Z","times_seen":7,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/platform/kuCoin/favicon.ico?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:39.181Z","timestamp":1781138619181,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /platform/kuCoin/favicon.ico?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:39 GMT\r\ncontent-type: image/x-icon\r\netag: W/\"6964b630-423e\"\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QdGcWX6EsVuK0yg%2B7nfFhw9%2BR5IL%2BbDyWn8HDg53fbtWCkhgDWE1E%2FEC3hfcRye%2Fy98ZHWcQVhW3Zyda5zguRIRhW0DO%2FbmDjQ8vkUTyv353%2FHWeRm3X86bN1cZ5fz4B%2F1S%2BfGY%3D\"}]}\r\nage: 384\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a09c9531ee72723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16958,"size_decoded":6336,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"0d7feda020772da8686a371ad1f3a930","sha1":"d6785fb8f89870c73e0ab3dc43c2a056cc5897f0","sha256":"4c68f3c98f9da1e9a39d71ce9de69a49f005dcf7de136847a8989b3cb88795a9","sha512":"42e3d1d2261c4912d552055f2807662ab44edfee12455f7de77cc0874f0b6ce0a54991410557819744eb2b392f6fd076fc31794fe9e5ef23acf08259bbaf67a5","ssdeep":"192:rB1xrHL5wvhIX+wpqAKUuOP/cL+VgldTTTplPZfgxQEDzB1D0RG:TxrrQSXVKUuC6Ag7TJBZfgxQozB1DL","tlshash":"f0723676b5bfcfaec5ad12b080395eb44bc9de604fc513bfe201a16c86747688c61276","first_seen":"2025-10-28T12:27:40.367549Z","last_seen":"2026-06-11T01:44:15.913523Z","times_seen":30,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinmm.oss-ap-northeast-1.aliyuncs.com/2.0black/stable/2510a5f78ba340b4a43a7557f0f573f2.ico","fqdn":"coinmm.oss-ap-northeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:41.764Z","timestamp":1781138621764,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /2.0black/stable/2510a5f78ba340b4a43a7557f0f573f2.ico HTTP/1.1\r\nHost: coinmm.oss-ap-northeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T12:58:54.521546Z","times_seen":16327794,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/tabbar/trade.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.963Z","timestamp":1781138635963,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/tabbar/trade.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-842\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3EmcASysbvpW3Fal3QlDvnFJbmyRBib9bKFAfybGsBUXNNxZ%2FrYIUdYrtr58InTi5WFtvlJK24q9BTm5jVWm1q8I1DBuwmw4w8zLkxvRorrRDtmHvII5Y%2FNkBNhTEK6KS8aC%2BUc%3D\"}]}\r\ncf-ray: a09c959acbea723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2114,"size_decoded":1724,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b82b6fbc6af5b7ddc2c5821368bb4c80","sha1":"5e3a15fbdcfcccf0725a55d2fc307f5adb68b2c5","sha256":"5bb81434b360847e9bf78c3262b12c46beed8315bc769136db2d81300b5904df","sha512":"5599e900c3e42053524f7349279e23b81d66b056c04a6a496a5c20e79f61f768e49a8071c5bccfecd5c890692ec5e1cbac10156b59b6be9aa80c6dda497351ba","ssdeep":"","tlshash":"95410ff7b3c466e45e5bc732aad1a83f300733783f594d94c0562a68eaf52984c09c88","first_seen":"2026-03-21T04:55:00.351616Z","last_seen":"2026-06-11T01:44:15.931538Z","times_seen":7,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinmm.oss-ap-northeast-1.aliyuncs.com/2.0black/stable/25a13f15332e46169de3d380417fd19f.png","fqdn":"coinmm.oss-ap-northeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:56.041Z","timestamp":1781138636041,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /2.0black/stable/25a13f15332e46169de3d380417fd19f.png HTTP/1.1\r\nHost: coinmm.oss-ap-northeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T12:58:54.521546Z","times_seen":16327794,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/fonts/Arial.ttf","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:38.546Z","timestamp":1781138618546,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kuc.fmr-max789.com/assets/index-CFOpmo-U.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:38 GMT\r\ncontent-type: application/octet-stream\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 19 Dec 2025 09:01:38 GMT\r\npriority: u=3,i=?0\r\netag: \"69451472-ff9e4\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 385\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4BZ%2BUrzUL9BoTeQDwCjgFpbZ8Rg%2Bty5rs6aQPvBTS3EKvYzWFcIEiMY21awpHBxLCE19m52FY0QywHBaNE%2Bd6TOP3ODPeXWRDLOscfwfIaG9QHJ8qJQLYGWE17v8tpd%2Fk6EGC%2FY%3D\"}]}\r\ncontent-length: 1047012\r\ncf-ray: a09c952dee4b723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1047012,"size_decoded":1047784,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-06-11T01:44:15.934548Z","times_seen":1341,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/platform/kuCoin/logo_144.png?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:39.178Z","timestamp":1781138619178,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /platform/kuCoin/logo_144.png?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:39 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-a58\"\r\nexpires: Sat, 11 Jul 2026 00:37:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 384\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3hm0o9Aa%2FUnZ0m6yzRw0uK06jJmQsDhG45dsRLYPq%2BqxqndBk8%2FE3cZwvNDG9tZ9FP%2ByFueQ4eu9pA8%2FQZKm3ymJeXvkBwVDVuiXVlFeVV9CuX4c0FcRXz8tz2ponCCUV7S9E2Q%3D\"}]}\r\ncf-ray: a09c9531ee71723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2648,"size_decoded":3475,"mime_type":"image/png","magic":"PNG image data, 122 x 29, 8-bit/color RGBA, non-interlaced","md5":"b7ab57e8e49861420fb5876b5db96d9b","sha1":"49abd42a4155f65c094cd88f65568c167c1724e0","sha256":"bf5fe635a36e7ac98ae1fc14f6ca9629198983b813a09e645b18e73a7924a4ca","sha512":"6f948283d5b933e1a32baf90293c25263d390e934b380dd3c8476a88be14b4837faaa9d86ca123e8beb53d0cb2a0fff8e6fa50f90b9a5b727657d3ea8ca52c54","ssdeep":"","tlshash":"24513b776a10cdec815c4fb1d9024108d6488d932eab02a4bdbc5b34ab55ae9b07c947","first_seen":"2025-10-28T12:27:40.360915Z","last_seen":"2026-06-11T01:44:15.912969Z","times_seen":30,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h5-api.xda999.top/api/notice/list?key=POP_UPS_NOTICE\u0026modelKey=DEFI_COUNTDOWN_NOTICE","fqdn":"h5-api.xda999.top","domain":"xda999.top","tld":"top"},"ip":{"addr":"104.21.2.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:56.000Z","timestamp":1781138636000,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xda999.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Apr 2026 18:11:29 GMT","end":"Sun, 12 Jul 2026 19:09:00 GMT"},"fingerprint":{"sha1":"61:9B:94:BB:03:C1:62:E1:A2:AC:E1:AD:5F:06:16:3A:8B:C1:A2:DE","sha256":"7C:9F:6E:0C:4F:EC:EE:52:82:9B:61:F9:DA:FE:30:F1:C4:DB:3C:B9:A8:93:F3:F2:78:7A:A3:FA:9A:84:79:13"}}},"request":{"raw":"OPTIONS /api/notice/list?key=POP_UPS_NOTICE\u0026modelKey=DEFI_COUNTDOWN_NOTICE HTTP/1.1\r\nHost: h5-api.xda999.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://kuc.fmr-max789.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:56 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://kuc.fmr-max789.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uZrEbV23R6Z%2BrSuKijlZ3mFEHZ9cKoofgJI3EQ%2BZVZh6Q91cA%2FWkyQ0iZhE3IvyPSmxE9OInu8rWYsLipb%2BQL0%2B0g%2FmTtoGq3HmXCU2i0PRmI2XwFssOp9f%2BpkCqbdUEAj8irQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a09c959b0e1bb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":906,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T12:58:54.521546Z","times_seen":16327794,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5-api.xda999.top/api/common/type/defi_activity_type","fqdn":"h5-api.xda999.top","domain":"xda999.top","tld":"top"},"ip":{"addr":"104.21.2.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:56.003Z","timestamp":1781138636003,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xda999.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Apr 2026 18:11:29 GMT","end":"Sun, 12 Jul 2026 19:09:00 GMT"},"fingerprint":{"sha1":"61:9B:94:BB:03:C1:62:E1:A2:AC:E1:AD:5F:06:16:3A:8B:C1:A2:DE","sha256":"7C:9F:6E:0C:4F:EC:EE:52:82:9B:61:F9:DA:FE:30:F1:C4:DB:3C:B9:A8:93:F3:F2:78:7A:A3:FA:9A:84:79:13"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: h5-api.xda999.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://kuc.fmr-max789.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:56 GMT\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://kuc.fmr-max789.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CSN1Mfy68U9f8D5NTKGxPlqXnNiqH2XOMRm9pQC1zE1Ux5JWVj1D4FvCJ7DL6bnCan8OeBlhr7TPsaSukvPNgFN54NZIdPgycOmpjNPDGE1GlbTpjhizIrXzfXEkfvLdN5Nx6A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a09c959b0e1cb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":892,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T12:58:54.521546Z","times_seen":16327794,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/images/light/bana1.png?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:56.009Z","timestamp":1781138636009,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/images/light/bana1.png?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:56 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-29a16\"\r\nexpires: Sat, 11 Jul 2026 00:37:16 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 399\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YwAzOOQwwva7N9O3Iklg%2FBBK%2BbO80%2FSBmSJOWnsSrWxv6Q0COtef0y7N%2BQk1FCI1Uqz8JQ%2Byld74EmmzpMiKwcSqdo2acy8iFL2wkL8TFEr7Ppv8ujI12iwVLS%2BOF0QqTRFfEtk%3D\"}]}\r\ncf-ray: a09c959b1bf0723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":170518,"size_decoded":171128,"mime_type":"image/png","magic":"PNG image data, 494 x 360, 8-bit/color RGBA, non-interlaced","md5":"1b8a22a596d98557ff31964f6afb8d7d","sha1":"93110c28a9edad8ad66c678d5210c429c3834ebf","sha256":"b600cc15ffc32d248b0ad6ad56376656432d011794c8b4c0309631fe72992aa8","sha512":"918acaf630e25bfd22a280f124cf92072304ee0ca5bdfbb8d28a6392b1d70f6e776967fdda758f1440008e72f39ab040a76106058f240a0759e9c0b559130bbd","ssdeep":"3072:sVlRaM+ycO09TG0NujoaGOQE8GDMg8VKK96XLd+ZQE+URz:sZT+yq9TYcaTAGYg8ILUZ8URz","tlshash":"f7f31354e2cdaa1db0e0f78b8da11c97685a45438be10bc7e3c371eac6c175b7b6d206","first_seen":"2025-11-14T03:02:44.409737Z","last_seen":"2026-06-11T01:44:15.927366Z","times_seen":8,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/assets/index-D3-4-5Wa.js","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:38.426Z","timestamp":1781138618426,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /assets/index-D3-4-5Wa.js HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 12 Jan 2026 09:08:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6964ba0c-95f6f\"\r\nexpires: Thu, 11 Jun 2026 12:37:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 386\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PhfnljOk9kRrsHgBDEqxKfsUoVdHbNWo70%2Fk9KUJIjcd3E5gSyiWdN1UNeSBmhRTWuxWDwk525XnuPkqrTGzS154X20ERQQJ4pHbp0twV93HgFSVWONkHHsQXDVB8htAfbqlim4%3D\"}]}\r\ncf-ray: a09c952d2e3e723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":614255,"size_decoded":197463,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65127)","md5":"e7867c8aa6598b6dd9f635501687f7c5","sha1":"3c628a5195f75945c07d584dc8a2e4e133ff7d22","sha256":"30dec582a931f1778e978c606b81d0593d1856e8cd0a5e1300c7f1725ace0ce4","sha512":"17bf1e1ddfddb0878f09ac218b59f54be5a120ee663443b8c57ce700f937e1cb3de4dadedcfd56964ecccf90a5dfdf60a90f217ef74a65e848aec0c18787e382","ssdeep":"6144:HcZhfZGShi9WIoPzHjGyUKaD28ivg7v2uXnlMcsaEanAci:HcZhfZGcfPzHbCv2uXnlTsaEanAci","tlshash":"2ed40985f846da7febb754d9109a0400610c7fc6f008c4a2b5fd9e4a3f5aeb4726ab35","first_seen":"2026-03-21T04:55:00.308874Z","last_seen":"2026-06-11T01:44:15.911058Z","times_seen":7,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/assets/vendor-CCyySU3U.js","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:38.428Z","timestamp":1781138618428,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /assets/vendor-CCyySU3U.js HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 12 Jan 2026 09:08:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6964ba0c-4fb9dd\"\r\nexpires: Thu, 11 Jun 2026 12:37:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 386\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p5Rk5pK8393eM6f4r6Me%2FKtWVR73baBPlgZEd1OyGrFlDKKwHqCi1JmDjpFSG6dGS%2FF96DnVKSMYaKuKHXsRux4PY3vx1X9jvxOO5dKvjHlp9PSSMuVNMYDB43shaoggCWvfR2c%3D\"}]}\r\ncf-ray: a09c952d3e3f723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5224925,"size_decoded":1931282,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"70ccf988cfc5c120048dc14a84bb9a1d","sha1":"dc0f465e89d32828275ab7f9ed0d8538114b5462","sha256":"40ff9c32588cba1c43aa1648586b7526a6e56c7990b1ed41ffc4835119a776bc","sha512":"c8dd1420cb0b781b65d0e5de371c22d825f3662721982ab0a7f7575f20ddad43b7a518becb1130255dd31b60705d1b819e7c76892a2c23f3f667d06d8a7bbc84","ssdeep":"24576:MaEUDmr8eyx9pV8ZOR4d0vyrHFGqmhYuSdKhN1f2hMe4uljrk:MaEUDmr8eyx9pVUU4mv/qmhYuSoJ2hMr","tlshash":"e12509d8b691b42543a761e5007f050bf33a691c740e85e8f669e8da3c7d84e627bf38","first_seen":"2026-03-21T04:55:00.327701Z","last_seen":"2026-06-11T01:44:15.909756Z","times_seen":7,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/menu.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.953Z","timestamp":1781138635953,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/menu.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"6964b630-295\"\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\npriority: u=5,i\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jwexjO1z6ux4YhVghssjS8bsBW7Jkl8fiBakr6tlEn7PJ7F2yU1RXlPPJj93xcO6%2FMxzl7pj4C73W6uICnef7%2FCnt3T49Ee0l5sAAjLLvbl%2FuxUDRntAfiIDxv9BtjqzKcqyt08%3D\"}]}\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a09c959abbe7723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":661,"size_decoded":1042,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"739ca03885011dae5bbe6ae9c7f8e78b","sha1":"8c5cefc18138cbf78b1f9ba4ddc34db88e3a0e01","sha256":"cf68a9264640bb310cd80cc1ba7b8df48fdd67464eb58b53aa3b0ece95f6bccb","sha512":"4a4c2e15a38e4e2519c935a86959a78dbe906e4c51804b7232f5c9a627822545561c3146436399794270ecc060abdfdf2f6037b5bc76bef29cefc3a7af2a93fd","ssdeep":"","tlshash":"820112f4f3f6a6558736cb53b0e839be97fb919416100fb0d05029d55889c923a98c60","first_seen":"2026-03-21T04:55:00.348922Z","last_seen":"2026-06-11T01:44:15.919483Z","times_seen":7,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/moren.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:56.011Z","timestamp":1781138636011,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/moren.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69451472-133\"\r\nlast-modified: Fri, 19 Dec 2025 09:01:38 GMT\r\npriority: u=4,i\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fo0ZQikKODpfwtIubYA3p2UohRO%2FjsCdl5nexC67PZQgMMnEjArG4ofz8M9e%2B3GbdKG1koOGBqbXyH8a%2Fom1I%2BAe%2FpEfPacZCZsWF2vIwXK1knQAvMwAuGMCcZgcjmbIwa6oYzQ%3D\"}]}\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a09c959b1bf1723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":307,"size_decoded":943,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c7717d623b9e9193c32f926e96c49abd","sha1":"b08948bab8fd14015ace9bda4c97e02584e3b7b2","sha256":"db1351d981f6ed6c4a52323a6ed5652c30cfde27c84695814257db98905f82cc","sha512":"60a0670f41290e6766018ecd268339a43a84672f54356006232b33239560ea377028b29b82d83574b2aee547de3567d164ac65e45403ba185a91f0822a494a76","ssdeep":"","tlshash":"9fe07db680260c1ea4090661cbf40a84807cf143c2a204edfba01473033042e1d8d275","first_seen":"2024-08-20T13:53:54.395904Z","last_seen":"2026-06-11T01:44:15.927958Z","times_seen":76,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T00:43:37.878Z","timestamp":1781138617878,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:38 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 12 Jan 2026 09:08:28 GMT\r\ncontent-encoding: zstd\r\npriority: u=0,i\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qs9Tzw4ymD4vuN6LPM3bft9A1Se7oMtlI%2BzOm0dFNpxjCSCY9X3gn%2B%2Fm4cW2uZz1C0UESglFM4mkdJWB3B2qchntpaZ3tEhx3W77%2FoOFXAXn%2BnJcbNbx3%2Fvf9pgYFHl9L97dMZY%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a09c9529ee28723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6586,"size_decoded":3057,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1123), with CRLF, CR, LF line terminators","md5":"9453a5b0a72cba1d90db992dcb569cdd","sha1":"8ed7b8ce5d1e1f540c9fc8a47568391b15152ebe","sha256":"5aaace3c1618e0aea99eb3714b1c6e639c736e6bd7ae28e583a230cdb3040ecf","sha512":"3bd5288982c2306921908da5d206288d4d79db633458fb89fe67f0b25f47674f47501c1c914cc8514c9b9101ed6f57b89445360585bd31975b8922778550518a","ssdeep":"192:+FBJlo1PtydJnvZCxf12nfOqbvwuB1XiKipfO:Q7XvZCx92LSZpG","tlshash":"47d175a75da588591372812adee7f504eb208183851a4c50b9cd64ef8ff2fd5c8c3b65","first_seen":"2026-03-21T04:55:00.317301Z","last_seen":"2026-06-11T01:44:15.912484Z","times_seen":7,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":5,"connect":13,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/assets/index-CFOpmo-U.css","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:38.431Z","timestamp":1781138618431,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /assets/index-CFOpmo-U.css HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 12 Jan 2026 09:08:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6964ba0c-ae889\"\r\nexpires: Thu, 11 Jun 2026 12:37:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 386\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H79tZn02xe6Y4aj5FaBbGqfaadllyDhIJ%2Bp6%2BCyduK0x%2BgduN%2FG9p4vAePoJWQS1SzR6y43mZ2N5skIaSr6GmmJtSI2WzMjECz6zOmiXuKFP5HKedqcF3YbjdT71mwwIrWGoyWs%3D\"}]}\r\ncf-ray: a09c952d3e41723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":714889,"size_decoded":143816,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"95d1a97bad558c2b3d91eebd47064e9e","sha1":"23a51e0e278efd3d1192ba229eb3abfc197b28f9","sha256":"a245149c451579c8485bc431926da16972b6b255a17186231012856c9fb3f549","sha512":"0461c7dca00aa0cc5a419a50415667913165bd6e3ecb83b28daf7dc99715ed023fca27789bd16448337d91e23ebace9977360fff63a4fca3a27f67065da47719","ssdeep":"12288:7v1s9dZ8w71ZACkFDS3vyf58rBeV05TI+JYj/oJoNx2Np3Leren0GOCpn3VmIoFd:7v1s9dZ8w71ZACkFDS3vyf58rBeV05TU","tlshash":"eae4e769b15411396e37d5a97bc8aacce12cff62c8435ed4f243151a0ec7bf7232161a","first_seen":"2026-03-21T04:55:00.310998Z","last_seen":"2026-06-11T01:44:15.916727Z","times_seen":7,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/tabbar/cooprate.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.965Z","timestamp":1781138635965,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/tabbar/cooprate.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-686\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IrAO9VM4L92yVdVk7bfznwzp7LvRuUEUERsiFCmRlwC6vYG4zkgjSp%2BfUBoP12Mn5PhnGthI3dIvSOiA2fJeT8x7CVPTjeETKq9n5SOj34sMVk4Gw%2FZwM4sYu2EQ79xcLDtAFaI%3D\"}]}\r\ncf-ray: a09c959acbeb723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1670,"size_decoded":1530,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5890402e1d0e0aa7d2bb2d8553e20938","sha1":"82b6824bc5abc358a90a92f2359deca96271bc45","sha256":"b873bc88c098dff130f226d66bcf30af144c9e5e2448df01f30957f508847cc4","sha512":"a1e70ef2670958f63b70d88f010c21773acf587a9ad27dad256b361f9b83bc8a098008589b21ed569f7edcb8ddb6498e11fb9dd3cbdb5b72ee6d7ce9b3616531","ssdeep":"","tlshash":"a031bcf962e856c4e0cb8bf3f9362662736334bc3f15db5151ea7b69d6581dd84c8800","first_seen":"2026-03-21T04:55:00.353001Z","last_seen":"2026-06-11T01:44:15.91434Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/charting_library/charting_library.min.js","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:38.425Z","timestamp":1781138618425,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 19 Dec 2025 09:01:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69451472-2a6b\"\r\nexpires: Thu, 11 Jun 2026 12:37:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 386\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UAXqYe9I0CImErDErycrl%2B3qWngCGSoEMq9SGDDZJvCT9q8W7IjZKjU3kzqBR2%2FKXFtVZAHyUvscIuAhXnx93ophTApxUxvwkWgqtMMcEbr90tvEh7JE7MyqWi9MfWP13xDqyKg%3D\"}]}\r\ncf-ray: a09c952d2e3d723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10859,"size_decoded":4250,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857), with CRLF line terminators","md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-11T01:44:15.917707Z","times_seen":1015,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/tabbar/wallet.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.969Z","timestamp":1781138635969,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/tabbar/wallet.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-471\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x0fFpUrlSOEBbQ3pR37t5toWfa6V8zjS%2Be5u9j5icDB2mtGzv30alWoCk%2BFiZa8QFeJPNsd0qidr0NMIrcKQ3SFPi8dLUIrTs%2BgW53zhdSCn25w7ZJHHzkEy0YhtxYLfUycpHt8%3D\"}]}\r\ncf-ray: a09c959adbed723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1137,"size_decoded":1298,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4e3050f964ad69f73f938ae4b990abab","sha1":"1b7a00dcd84a1e12d58e95b40c2e2964fe7b7c27","sha256":"b5ccfd95a91fddfffcd023141ede84a7706447a7ffde0598edd5c2d7e83e8f92","sha512":"aac10e62032383073d163964e375e8c8429d7a64473bc15eeb6c4583945dd3577e1dc1953c4d15fa599648141683fe455e6955ebbf2e62fde5fb313b4e7efa74","ssdeep":"","tlshash":"d3216e75bfe545d414aae361ecf1292f712b22e83721ce5852db29a5f46474e5b06c00","first_seen":"2026-03-21T04:55:00.346198Z","last_seen":"2026-06-11T01:44:15.934064Z","times_seen":7,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/platform/kuCoin/config.js?1781138619281","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:39.284Z","timestamp":1781138619284,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /platform/kuCoin/config.js?1781138619281 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:39 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8K3Ntm2Fd5kAK%2FOSoXc2iCSO7wNEfeVkZw%2FB1zDw1kBvEEjBYfcZ8C6jIpN6TFzzrbPywHOhQpuJwH16u2ornVk4%2FEMn8fbx%2FCNo9PsjY1vQfo9xsP0Xq%2Fqiov6fSGmmrYGSgMI%3D\"}]}\r\npriority: u=3,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a09c95328e7d723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":714,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-11T12:58:13.131029Z","times_seen":525363,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/svg/light/notify.svg?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.945Z","timestamp":1781138635945,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/svg/light/notify.svg?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 12 Jan 2026 08:52:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"6964b630-953\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=inenQ6htAJKZBkaQtC9OmecBe6zTGexNYp2iOQ9bkFqQaUUuZTN%2BFQHUFug6n2ibqhsbeCdm6AGOk8YmhhNEq99kyhEBBzrbOtB6oMih3HV%2FzWyRE%2BL3eC33BsfTxQePJPknHsA%3D\"}]}\r\ncf-ray: a09c959aabe4723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2387,"size_decoded":2531,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a7b97f5844ef7c9113c730ae02b448fa","sha1":"2889ffc1bc0a8a8e5a4a270f99cc03277bd82ec7","sha256":"536bac5d14ff055ab7e7754915786e6d6b3abfe804d2cdfca8ac2c6b85ff71cc","sha512":"f0b2ac069a3eaab59a688b13c0208c01128bc14a64edd80594539957ddeb46eb8cd786d58a5b97f8d62bc7f9c0289f94d8aef0e56c27119b39ceaefa8d505c21","ssdeep":"","tlshash":"70412b3c929c345ed26a0be891cd1612cc4f9d76ba51804f93d4714da8bde9d505c35e","first_seen":"2026-03-21T04:55:00.333089Z","last_seen":"2026-06-11T01:44:15.918306Z","times_seen":7,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/ac-chat.js?2.0.1768180108080","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:38.433Z","timestamp":1781138618433,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /ac-chat.js?2.0.1768180108080 HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 19 Dec 2025 09:01:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69451472-957\"\r\nexpires: Thu, 11 Jun 2026 12:37:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 386\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZJo7ZpglYMswZbDGt43EW0X%2BvFKNyfY9CcKPqZ1e2kTlmrxoV0PM6B7Mt9jwx%2FcUS0rjx3moGqMc5kbKJ7xOPeSsOzfaSDLiARSQDoYWWwx4EfIFxsJYn0Tol2mNluGLlWfResA%3D\"}]}\r\ncf-ray: a09c952d3e42723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2391,"size_decoded":1719,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"feb7f4a791fccac98a019806df998fde","sha1":"063928180a3b55ef727b1464e19064f03bd718f7","sha256":"9eb06b3d8afb186486652f21cff591d47cba5a82ddc0f293bdd2a32263240936","sha512":"b26bf347b5d2838b9736bbefc0bb9476254f263f17e99aa35982a0f32d61805fb5c48e8a0582db95aaed51b2502dca99ea34a71d7a1cc3a94b829c4d8992a0ae","ssdeep":"","tlshash":"ad419bab43294614c17a13b3ad4b5194fa32a03faf46003879fc5094afb6a7550b1ffd","first_seen":"2024-12-20T23:51:30.333323Z","last_seen":"2026-06-11T01:44:15.932566Z","times_seen":28,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"h5-api.xda999.top/api/common/getFrontSetting","fqdn":"h5-api.xda999.top","domain":"xda999.top","tld":"top"},"ip":{"addr":"104.21.2.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:39.529Z","timestamp":1781138619529,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xda999.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Apr 2026 18:11:29 GMT","end":"Sun, 12 Jul 2026 19:09:00 GMT"},"fingerprint":{"sha1":"61:9B:94:BB:03:C1:62:E1:A2:AC:E1:AD:5F:06:16:3A:8B:C1:A2:DE","sha256":"7C:9F:6E:0C:4F:EC:EE:52:82:9B:61:F9:DA:FE:30:F1:C4:DB:3C:B9:A8:93:F3:F2:78:7A:A3:FA:9A:84:79:13"}}},"request":{"raw":"OPTIONS /api/common/getFrontSetting HTTP/1.1\r\nHost: h5-api.xda999.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://kuc.fmr-max789.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 11 Jun 2026 00:43:40 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://kuc.fmr-max789.com\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ifj1gqVmrPa3S4D4WlEs7So%2FrmIpD3%2BQOLXwuY7NibRlZDlUP2rKv50B2olAUFKzi5I0fDA4ANOcnYFsRYYPEvvbT2V4NopRcbyFhtHWAdwv9RNMNIeffjFuR9kkIj5KftCfkA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a09c95342908b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":865,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T12:58:54.521546Z","times_seen":16327794,"resource_available":true,"data":null}},"time_used":1039,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":1022,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"wss://h5-api.xda999.top/ws/d91e15b4-1d2c-422a-8abb-946e4abef512","fqdn":"h5-api.xda999.top","domain":"xda999.top","tld":"top"},"ip":{"addr":"104.21.2.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:39.530Z","timestamp":1781138619530,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xda999.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Apr 2026 18:11:29 GMT","end":"Sun, 12 Jul 2026 19:09:00 GMT"},"fingerprint":{"sha1":"61:9B:94:BB:03:C1:62:E1:A2:AC:E1:AD:5F:06:16:3A:8B:C1:A2:DE","sha256":"7C:9F:6E:0C:4F:EC:EE:52:82:9B:61:F9:DA:FE:30:F1:C4:DB:3C:B9:A8:93:F3:F2:78:7A:A3:FA:9A:84:79:13"}}},"request":{"raw":"GET /ws/d91e15b4-1d2c-422a-8abb-946e4abef512 HTTP/1.1\r\nHost: h5-api.xda999.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://kuc.fmr-max789.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: xMInrfBJOuFnLSYh0hcLAw==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Thu, 11 Jun 2026 00:43:40 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://kuc.fmr-max789.com\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: JSESSIONID=5F92D6CD6B892FE5E210C3B7681C01CC; Path=/; HttpOnly\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: AKtKqI0qt4YkSr0PbtQ7trvPSo8=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=v7h7VkocQJOxm6Pgmz2NpkMbvJuHgbTOYC%2FHwKXpXvllFyGg4bylreoAjdd3IsyLKRqdo7M9C%2F%2Bl0VuvGhhikYCLKy1atIgqPqmjjQpA5EZADPcCAqjSda1Wo%2BM5fkN6hUFhAA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a09c95358ee4120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":947,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T12:58:54.521546Z","times_seen":16327794,"resource_available":true,"data":null}},"time_used":1241,"timings":{"blocked":-1,"dns":222,"connect":224,"send":0,"wait":789,"receive":0,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5-api.xda999.top/api/common/getCoinList","fqdn":"h5-api.xda999.top","domain":"xda999.top","tld":"top"},"ip":{"addr":"104.21.2.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:39.535Z","timestamp":1781138619535,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xda999.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Apr 2026 18:11:29 GMT","end":"Sun, 12 Jul 2026 19:09:00 GMT"},"fingerprint":{"sha1":"61:9B:94:BB:03:C1:62:E1:A2:AC:E1:AD:5F:06:16:3A:8B:C1:A2:DE","sha256":"7C:9F:6E:0C:4F:EC:EE:52:82:9B:61:F9:DA:FE:30:F1:C4:DB:3C:B9:A8:93:F3:F2:78:7A:A3:FA:9A:84:79:13"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: h5-api.xda999.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang\r\nOrigin: https://kuc.fmr-max789.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 11 Jun 2026 00:43:40 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://kuc.fmr-max789.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qDNg5KHm%2FBEgSJmBxXIxCXLtC6AXtj6kdzrGjkrvSgjn2giBGbdZB%2Bciu2KFdM3QvXA6UrJQjXVXwyXmplfAztPQX81QanV0lzSNHXOVNqhEQxpxMu9vIDWPR4Hi8j0yfkHoAA%3D%3D\"}]}\r\ncf-ray: a09c95342909b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":880,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T12:58:54.521546Z","times_seen":16327794,"resource_available":true,"data":null}},"time_used":804,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":792,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuc.fmr-max789.com/resource/fonts/DINOT-Medium.otf","fqdn":"kuc.fmr-max789.com","domain":"fmr-max789.com","tld":"com"},"ip":{"addr":"104.21.51.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kuc.fmr-max789.com/","date":"2026-06-11T00:43:55.919Z","timestamp":1781138635919,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmr-max789.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 06:55:11 GMT","end":"Mon, 20 Jul 2026 06:55:10 GMT"},"fingerprint":{"sha1":"60:3D:15:CD:97:91:B7:F0:4A:B2:BA:5E:A2:AC:AA:10:13:BE:64:D4","sha256":"1C:67:DC:43:95:7B:5E:7F:C9:74:6A:F8:B0:51:B8:67:BB:0B:AF:BB:1B:E0:16:C9:D0:85:09:DC:38:F1:E2:3D"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: kuc.fmr-max789.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kuc.fmr-max789.com/assets/index-CFOpmo-U.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 11 Jun 2026 00:43:55 GMT\r\ncontent-type: application/octet-stream\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 19 Dec 2025 09:01:38 GMT\r\npriority: u=3,i=?0\r\netag: \"69451472-11d88\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 399\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D3quJtbf138ajFUZyCGpGowmS90jdQCfQpUCyDdv2lT1AUTbvJPU2rcQSrYqAR0DmAyZwAXSjMk%2FMBiVVcegFSzixfU2ZXMEncZ5qunj%2FNaRhzF8dUZhesuwDO%2B6YhFslzJNMEA%3D\"}]}\r\ncontent-length: 73096\r\ncf-ray: a09c959a8be0723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73096,"size_decoded":73862,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-06-11T01:44:15.933056Z","times_seen":969,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"kuc.fmr-max789.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"kuc.fmr-max789.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}