{"report_id":"ab2a0c28-d0b9-40e6-9ea9-9ee019dc9a3c","version":6,"status":"done","tags":[],"date":"2026-05-30T01:48:10Z","url":{"schema":"https","addr":"checkamls.cfd/","fqdn":"checkamls.cfd","domain":"checkamls.cfd","tld":"cfd"},"ip":{"addr":"104.21.76.5","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"checkamls.cfd/","fqdn":"checkamls.cfd","domain":"checkamls.cfd","tld":"cfd"},"title":"AMLConnect and AMLBot: Securing Web3 Transactions Effectively","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"checkamls.cfd/","fqdn":"checkamls.cfd","domain":"checkamls.cfd","tld":"cfd"},"ip":{"addr":"104.21.76.5","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-04T01:48:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"checkamls.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"checkamls.cfd","ip":{"addr":"172.67.184.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-15","domain_rank":0,"first_seen":"2026-05-30T01:48:11.191587Z","last_seen":"2026-05-30T01:48:11.191587Z","alert_count":3,"request_count":3,"received_data":2470956,"sent_data":1314,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"checkamls.cfd/index.bundle.js","fqdn":"checkamls.cfd","domain":"checkamls.cfd","tld":"cfd"},"ip":{"addr":"172.67.184.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12ce0685607bb20c416693098982bf4c","sha1":"4f740fd23f1a97b41d4d3d81e3a16e358f98861a","sha256":"a9eb2252b8a56c72d4bf19d669f920f6ae1db4653c4b07bf7fbc4785cd82afa4","sha512":"4b95525015501f6fdbfaaabeb7919a9f9f5864b4440f7f3a95acd90e1f6bf44cb999f2f249df72ffa7f26b64787011ac68c906d98c7e5c142de6bdcf0ed160a6","ssdeep":"","tlshash":"eb90025633c46c4084144047218442f9a148120c95e0514c4a0f36e1149c76e3051289","size":54,"data":"","first_seen":"2025-12-09T12:56:43.342777Z","last_seen":"2026-05-30T02:13:09.849993Z","times_seen":219,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"checkamls.cfd/index.bundle.js","fqdn":"checkamls.cfd","domain":"checkamls.cfd","tld":"cfd"},"ip":{"addr":"172.67.184.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12ce0685607bb20c416693098982bf4c","sha1":"4f740fd23f1a97b41d4d3d81e3a16e358f98861a","sha256":"a9eb2252b8a56c72d4bf19d669f920f6ae1db4653c4b07bf7fbc4785cd82afa4","sha512":"4b95525015501f6fdbfaaabeb7919a9f9f5864b4440f7f3a95acd90e1f6bf44cb999f2f249df72ffa7f26b64787011ac68c906d98c7e5c142de6bdcf0ed160a6","ssdeep":"","tlshash":"eb90025633c46c4084144047218442f9a148120c95e0514c4a0f36e1149c76e3051289","size":54,"data":"","first_seen":"2025-12-09T12:56:43.342777Z","last_seen":"2026-05-30T02:13:09.849993Z","times_seen":219,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"checkamls.cfd/index.bundle.js","fqdn":"checkamls.cfd","domain":"checkamls.cfd","tld":"cfd"},"ip":{"addr":"172.67.184.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://checkamls.cfd/","date":"2026-05-30T01:47:48.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"checkamls.cfd","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 10:46:20 GMT","end":"Thu, 13 Aug 2026 10:46:19 GMT"},"fingerprint":{"sha1":"86:18:3C:16:C0:F4:E3:86:3B:EB:E7:32:7E:D3:09:5F:19:AF:59:7D","sha256":"A7:9E:CA:EE:4B:20:6F:FB:C7:74:59:89:DC:A2:BB:D4:C6:B6:1B:D1:5B:86:FA:98:E1:0A:6F:BD:05:59:9E:74"}}},"request":{"raw":"GET /index.bundle.js HTTP/1.1\r\nHost: checkamls.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://checkamls.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 May 2026 01:47:48 GMT\r\nserver: cloudflare\r\nlast-modified: Thu, 28 May 2026 11:31:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hr0OKCIOKVK5st2bpWZ648IybSljNcIuQCBRQZT2RRhDZJkIU1V9z%2BlUxv9jL2CdptGhQ1Dc5XBBA9B3hcwjq7EHcXAwSn6Uctfbef1FwAIk0W0zIAwqcyRQHWeppDtH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\netag: W/\"36-652df11d6a068\"\r\ncontent-encoding: br\r\ncontent-type: text/javascript\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncf-ray: a03a12ad1c1056c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"12ce0685607bb20c416693098982bf4c","sha1":"4f740fd23f1a97b41d4d3d81e3a16e358f98861a","sha256":"a9eb2252b8a56c72d4bf19d669f920f6ae1db4653c4b07bf7fbc4785cd82afa4","sha512":"4b95525015501f6fdbfaaabeb7919a9f9f5864b4440f7f3a95acd90e1f6bf44cb999f2f249df72ffa7f26b64787011ac68c906d98c7e5c142de6bdcf0ed160a6","ssdeep":"","tlshash":"eb90025633c46c4084144047218442f9a148120c95e0514c4a0f36e1149c76e3051289","first_seen":"2025-12-09T12:56:43.342777Z","last_seen":"2026-05-30T02:13:09.849993Z","times_seen":219,"resource_available":true,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"checkamls.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"checkamls.cfd/index.bundle.js","fqdn":"checkamls.cfd","domain":"checkamls.cfd","tld":"cfd"},"ip":{"addr":"172.67.184.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://checkamls.cfd/","date":"2026-05-30T01:47:48.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"checkamls.cfd","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 10:46:20 GMT","end":"Thu, 13 Aug 2026 10:46:19 GMT"},"fingerprint":{"sha1":"86:18:3C:16:C0:F4:E3:86:3B:EB:E7:32:7E:D3:09:5F:19:AF:59:7D","sha256":"A7:9E:CA:EE:4B:20:6F:FB:C7:74:59:89:DC:A2:BB:D4:C6:B6:1B:D1:5B:86:FA:98:E1:0A:6F:BD:05:59:9E:74"}}},"request":{"raw":"GET /index.bundle.js HTTP/1.1\r\nHost: checkamls.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://checkamls.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 May 2026 01:47:48 GMT\r\nserver: cloudflare\r\nlast-modified: Thu, 28 May 2026 11:31:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IRM0fEI0%2B3j%2BH18Rfi6WTsN4OWy7hkm9oaHnELByBdL%2FwgiUh3Tig15C2qDHfXGNZD%2Fngwm%2BH3sRePWDxDyeUu3pgA8gOtIeKaAfgK7REpkGgrVSgcwiHGmGTNhKBry2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\netag: W/\"36-652df11d6a068\"\r\ncontent-encoding: br\r\ncontent-type: text/javascript\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a03a12ae4c1656c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"12ce0685607bb20c416693098982bf4c","sha1":"4f740fd23f1a97b41d4d3d81e3a16e358f98861a","sha256":"a9eb2252b8a56c72d4bf19d669f920f6ae1db4653c4b07bf7fbc4785cd82afa4","sha512":"4b95525015501f6fdbfaaabeb7919a9f9f5864b4440f7f3a95acd90e1f6bf44cb999f2f249df72ffa7f26b64787011ac68c906d98c7e5c142de6bdcf0ed160a6","ssdeep":"","tlshash":"eb90025633c46c4084144047218442f9a148120c95e0514c4a0f36e1149c76e3051289","first_seen":"2025-12-09T12:56:43.342777Z","last_seen":"2026-05-30T02:13:09.849993Z","times_seen":219,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"checkamls.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"checkamls.cfd/","fqdn":"checkamls.cfd","domain":"checkamls.cfd","tld":"cfd"},"ip":{"addr":"172.67.184.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T01:47:48.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"checkamls.cfd","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 May 2026 10:46:20 GMT","end":"Thu, 13 Aug 2026 10:46:19 GMT"},"fingerprint":{"sha1":"86:18:3C:16:C0:F4:E3:86:3B:EB:E7:32:7E:D3:09:5F:19:AF:59:7D","sha256":"A7:9E:CA:EE:4B:20:6F:FB:C7:74:59:89:DC:A2:BB:D4:C6:B6:1B:D1:5B:86:FA:98:E1:0A:6F:BD:05:59:9E:74"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: checkamls.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 01:47:48 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Thu, 28 May 2026 11:31:30 GMT\r\ncf-cache-status: DYNAMIC\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=99WS%2BbcNQWcswIwhyK9grZIKa%2FSTGV35RG8QcvUV%2FmyGH%2FJLBVPc9CQPVohpVuMlg8Jvyf8%2FrRd%2FGrqm5vYuZveR%2BN%2BZSy3oHXqXOVZMr0oT9wnXCyZgYTTnv1SuCELb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: a03a12aa7befb51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2468866,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (58993)","md5":"e6a3388fd04ed2ac86079210e5d99732","sha1":"9be80f498e7b31d98612f998c279ad9c13eb9e33","sha256":"eec21b4bc23c1254ab3efcb771b12dee920853e11cc59e79fc1b0cb8f5b9fdc7","sha512":"cefeb1e89ff9eccfb094b339c0ff71cba14d8a70815e4c84cf83d5142a1c35628d618aaf6a5c8c023cd3f90e254b102bb21e61809915c2658da056c95a0dacdf","ssdeep":"24576:sCdLdw1/rMakE4Lfwq/rMakHZLJw7/rMak6OLvwv:sYWqM96ccv","tlshash":"612512b1602a4851d12704abb1cf23d6ae7cb41764589e24bedcbe814f88de0797d7f8","first_seen":"2025-12-02T10:58:28.457987Z","last_seen":"2026-05-30T02:13:09.847179Z","times_seen":16,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":145,"dns":80,"connect":27,"send":0,"wait":162,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"checkamls.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}