{"report_id":"a78380f5-12c4-442d-aaed-8e0a458dd040","version":6,"status":"done","tags":[],"date":"2026-03-12T16:20:59Z","url":{"schema":"https","addr":"aml-kyc.online/","fqdn":"aml-kyc.online","domain":"aml-kyc.online","tld":"online"},"ip":{"addr":"37.140.192.89","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"aml-kyc.online/","fqdn":"aml-kyc.online","domain":"aml-kyc.online","tld":"online"},"title":"AML Checker - Cryptocurrency Wallet Verification","dom":{"size":72020,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (833)","md5":"136ee1091ad1ef84191406c40236a223","sha1":"551ddadbdce799ccdf907203fc5b62c41fd6c7f4","sha256":"377fa1922c0b6b05817690f18a0a8be97a386699463f966045f4d107f5c88023","sha512":"be8ab8f201b6ebdd03b8900c084b766edbd413406fd181bb417c8db1955b67bded00766c18e21857be84e6e26949bc996d49de02614e490c0599a9a93a48c8a3","ssdeep":"768:F8GVQWZFzsL4ZVTwkjfxygaecw0NnzyDWwE9pLEb6U:+ty1sL4ZVVJgRxwgNi","tlshash":"4663842623fb2121465320756f9727da3620d417d80fcd6d3f9c57908fc2aa0adb7b99","dom_hash":"domhashb923338a0730cf6cee216785d448e374","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"aml-kyc.online/","fqdn":"aml-kyc.online","domain":"aml-kyc.online","tld":"online"},"ip":{"addr":"37.140.192.89","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-16T16:20:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"aml-kyc.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"aml-kyc.online","ip":{"addr":"37.140.192.89","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2026-03-10","domain_rank":0,"first_seen":"2026-03-12T16:21:00.609317Z","last_seen":"2026-03-12T16:21:00.609317Z","alert_count":2,"request_count":2,"received_data":841947,"sent_data":918,"comment":"","tags":null,"fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-03-08T22:33:42.678774Z","alert_count":0,"request_count":1,"received_data":1468655,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-03-08T23:41:39.563153Z","alert_count":0,"request_count":2,"received_data":725,"sent_data":852,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"aml-kyc.online/","fqdn":"aml-kyc.online","domain":"aml-kyc.online","tld":"online"},"ip":{"addr":"37.140.192.89","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"6bb6c5c813a1b1e298324fbc4187e2ee","sha1":"8c1b953ab8a99de8e96d84e08f550d001ad23df8","sha256":"adabe27b7cd5769443c18f16069d674db0cdccfa899f82b5a56e506e5b1f69c9","sha512":"006994f525caf6e5fce3f5dea51932a35297e3e51635950dec8f27158e54c85a92b7a1672f07a01e60f7a8d1e46df15e5b63fcbdc42dc37fb88cb1c9a09274d9","ssdeep":"384:fXkLQJ6bKy0AvcwGTNn/LF4DWshMBjWMplNP8UmPmOUnd:becw0NnzyDWwE9pLEb6d","tlshash":"5523662623fb2121466320754f8b13da36215417a80fcdae3f5c47905fd2b619dbbbea","size":47435,"data":"","first_seen":"2026-03-12T16:21:04.17296Z","last_seen":"2026-03-12T17:11:24.296464Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/web3@1.8.0/dist/web3.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee54c3873088a6ba4d71bfb0efb78e78","sha1":"478bad9d212dbe159533d3aa2351c3afbf0f4bb8","sha256":"d532f1e74af7c10e763a5026e6349fa53c1b37d309e75372b1f2e6b179943c39","sha512":"6d243691fefa5ee7d4612ff85e29e81cba794b894d3b246fd3fc7950900288e332f2e7aa4cdc1115f5195a65a9c277338d1a7d4a3885d63ad76c61229bb6345e","ssdeep":"12288:j6x9vomS5EFTeMZamss1ECHNCwczeamsHIqC:j6x6EJeMZZECtUeWq","tlshash":"01650ac47690b091c3936aa1402f900be33efd686c4c4169b757ecf72cb9a995527f3a","size":1467535,"data":"","first_seen":"2023-04-06T20:47:16Z","last_seen":"2026-04-30T16:58:13.079348Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aml-kyc.online/","fqdn":"aml-kyc.online","domain":"aml-kyc.online","tld":"online"},"ip":{"addr":"37.140.192.89","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-05-15T18:19:46.880121Z","times_seen":657160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"aml-kyc.online/","fqdn":"aml-kyc.online","domain":"aml-kyc.online","tld":"online"},"ip":{"addr":"37.140.192.89","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-12T16:20:35.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aml-kyc.online","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 10 Mar 2026 14:31:28 GMT","end":"Sat, 10 Oct 2026 14:31:28 GMT"},"fingerprint":{"sha1":"62:C7:E9:7F:32:82:E1:FA:6C:9B:FD:23:CE:5C:55:82:96:34:AE:81","sha256":"CF:FC:7D:55:21:78:2E:BD:6F:56:FB:28:2D:DF:17:FD:41:DB:89:01:25:48:87:A8:29:63:04:F0:7B:6D:2D:22"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aml-kyc.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 16:20:35 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 12 Mar 2026 11:14:41 GMT\r\netag: W/\"1196f-64cd1dbe1016f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72047,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (833)","md5":"7387901f7f0f6e015c87d8df60df2d6c","sha1":"ea46fc1f1e6e02c2f6d84a62aa5c8f63f524c706","sha256":"fc1e707ad44d9f12e6a0a04e259c60726d6776aad6569ab8fe281c3e7dc1c878","sha512":"b1a53b9869bab61d6f1d3de39806dc48f1268ce0f625a8773d3e7d12613e46c947e95a63eb1f5d67fd0043d826c91dc4b9ab34779b71ff29f9f5f01247e6472a","ssdeep":"768:X8GVQWZFzsL4Z2TkkjfxyJaecw0NnzyDWwE9pLEb6i:Mty1sL4Z2BJbRxwgNw","tlshash":"2163842a23fb2121465320756f9727da3620d417d80fcd6d3f9c57908fc2aa0adb7b99","first_seen":"2026-03-12T16:21:04.162673Z","last_seen":"2026-03-12T17:11:24.289889Z","times_seen":2,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":193,"dns":64,"connect":27,"send":0,"wait":112,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"aml-kyc.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/web3@1.8.0/dist/web3.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aml-kyc.online/","date":"2026-03-12T16:20:35.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/web3@1.8.0/dist/web3.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aml-kyc.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 16:20:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 290788\r\ncf-ray: 9db4208ceda9767a-ARN\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.8.0\r\nx-jsd-version-type: version\r\netag: W/\"16648f-R4utnSEtvhWVM9OqI1HDr78PS7g\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230082-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 7558618\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=bK0H1O0g1cxTagLr%2FGne75prFGA6Ngo5br9rlFI74H4YQMA9flQSRyC5KAhotDfMzhuK8J7tcCZ26Ckg5TcQZVy8XZMVIal3LBLUlzZXrVSpVP45qEaWIAyUNWgBn9lp7QY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1467535,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (64083)","md5":"c840359b2b2013cf9aea6e60f48c186a","sha1":"6c29dc84b587bd6c3379a76da5f063d1f55bcf18","sha256":"c15151674c8e56d5c3dec087375df49d9a7b4fa3790ffc0e3a1f0cc37e60600b","sha512":"dc86862cda3f71565c8e97b95492f138aa7061725fb2d969a5082e080c4a42dc3048bc19595deaa236d26476bd770b31973232df1b61d7a65d64ecadefa72605","ssdeep":"6144:H83y56mcggZxvyAz5in6tfZ9vomD29jnb88wD3BdIdIm49hjrXyMcICNvmsROiay:j6x9vomS5EFTeMZamss1ECHg","tlshash":"0c251ac47691b0a183a361e4406f500fe33abd696c4c4568f354ecf62cb9e99563bf3a","first_seen":"2025-08-11T19:53:53.642569Z","last_seen":"2026-04-30T16:58:13.070248Z","times_seen":54,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":28,"dns":1,"connect":9,"send":0,"wait":21,"receive":38,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/tronweb@5.4.1/dist/TronWeb.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aml-kyc.online/","date":"2026-03-12T16:20:35.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 08:16:48 GMT","end":"Tue, 19 May 2026 09:15:09 GMT"},"fingerprint":{"sha1":"F3:CF:0B:A3:28:07:E9:5A:D0:8B:F4:9E:A8:A1:9B:71:A6:59:38:23","sha256":"DD:EE:6D:62:AC:D0:59:11:F9:1C:53:44:27:F0:8B:A5:2C:A2:C6:C4:BF:B8:79:AF:A5:5F:B3:E1:29:E8:45:8E"}}},"request":{"raw":"GET /tronweb@5.4.1/dist/TronWeb.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aml-kyc.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Thu, 12 Mar 2026 16:20:36 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 40\r\ncf-ray: 9db4208d0cd6b7a8-ARN\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T18:20:43.473553Z","times_seen":15229697,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":38,"dns":1,"connect":11,"send":0,"wait":47,"receive":4,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/tronweb@5.4.1/dist/TronWeb.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aml-kyc.online/","date":"2026-03-12T16:20:36.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 08:16:48 GMT","end":"Tue, 19 May 2026 09:15:09 GMT"},"fingerprint":{"sha1":"F3:CF:0B:A3:28:07:E9:5A:D0:8B:F4:9E:A8:A1:9B:71:A6:59:38:23","sha256":"DD:EE:6D:62:AC:D0:59:11:F9:1C:53:44:27:F0:8B:A5:2C:A2:C6:C4:BF:B8:79:AF:A5:5F:B3:E1:29:E8:45:8E"}}},"request":{"raw":"GET /tronweb@5.4.1/dist/TronWeb.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aml-kyc.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 12 Mar 2026 16:20:36 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 40\r\ncf-ray: 9db4208fe82c0d38-ARN\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T18:20:43.473553Z","times_seen":15229697,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aml-kyc.online/favicon.ico","fqdn":"aml-kyc.online","domain":"aml-kyc.online","tld":"online"},"ip":{"addr":"37.140.192.89","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aml-kyc.online/","date":"2026-03-12T16:20:36.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aml-kyc.online","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 10 Mar 2026 14:31:28 GMT","end":"Sat, 10 Oct 2026 14:31:28 GMT"},"fingerprint":{"sha1":"62:C7:E9:7F:32:82:E1:FA:6C:9B:FD:23:CE:5C:55:82:96:34:AE:81","sha256":"CF:FC:7D:55:21:78:2E:BD:6F:56:FB:28:2D:DF:17:FD:41:DB:89:01:25:48:87:A8:29:63:04:F0:7B:6D:2D:22"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: aml-kyc.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aml-kyc.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 16:20:36 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Sat, 02 Aug 2025 23:04:44 GMT\r\netag: W/\"bbd7a-63b69e67cb149\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":769402,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"871997bfa7c4aba7d296c258217ca799","sha1":"4d0ab5230a41dc863e715b0e740ad21091c90717","sha256":"19ffa5eb1d8a114c23a9a3b8c9bc976f49355cf575fefe83ba7912493ed8724f","sha512":"16844909a327ce6865ca0fea4792a02529537388ce7c5620b9405b358681981d0987d8647b11e9758eb75250f1383b9c4af63e3fba5f4034a36ef2be8d42649a","ssdeep":"6144:R0T9gq5TgX8gscru33oyBsQ70t6o1ysKAUEPusTCNwPdvgJ:A3oyBsQ70t6o1ytArdeJ","tlshash":"5df409c8abf02c5e921b86316c3f89c6f30a76d4b6fc4407694df791e25e116f226678","first_seen":"2025-12-02T09:11:41.901903Z","last_seen":"2026-03-12T17:11:24.293567Z","times_seen":5,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"aml-kyc.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}