{"report_id":"06c0de81-4704-4abb-8182-1cbf1377e62d","version":6,"status":"done","tags":[],"date":"2026-03-04T02:46:51Z","url":{"schema":"http","addr":"zaixksi.jingyi-edu.com/?3504923.html?gaomingezodkcl812718","fqdn":"zaixksi.jingyi-edu.com","domain":"jingyi-edu.com","tld":"com"},"ip":{"addr":"198.2.207.81","port":0,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.yjedsgnx.com/register","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"title":"尊龙凯时 - 人生就是搏！","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zaixksi.jingyi-edu.com/?3504923.html?gaomingezodkcl812718","fqdn":"zaixksi.jingyi-edu.com","domain":"jingyi-edu.com","tld":"com"},"ip":{"addr":"198.2.207.81","port":0,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T02:46:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"3s.hqvai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"awscloud.servicefu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"zaixksi.jingyi-edu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"ips2.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"best34478-go66.kwarmirtile.com","ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"domain_registered":"2022-11-21","domain_rank":0,"first_seen":"2025-07-30T04:41:26.908502Z","last_seen":"2026-02-26T23:13:36.688188Z","alert_count":70,"request_count":70,"received_data":3974196,"sent_data":35864,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"awscloud.servicefu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-11-17","domain_rank":0,"first_seen":"2025-07-30T04:41:26.912534Z","last_seen":"2026-02-26T23:13:36.590759Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":489,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.yjedsgnx.com","ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"domain_registered":"2025-12-04","domain_rank":0,"first_seen":"2025-12-26T09:45:25.240844Z","last_seen":"2026-03-01T07:46:34.802517Z","alert_count":42,"request_count":21,"received_data":90034,"sent_data":21043,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"ips2.io","ip":{"addr":"154.38.220.231","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"domain_registered":"2020-12-09","domain_rank":1673908,"first_seen":"2020-12-15T05:28:49Z","last_seen":"2026-02-27T14:22:49.180017Z","alert_count":1,"request_count":1,"received_data":176,"sent_data":589,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.25.3.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"3s.hqvai.com","ip":{"addr":"38.150.72.238","port":443,"asn":142267,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"domain_registered":"2023-07-06","domain_rank":0,"first_seen":"2025-04-11T05:52:01.877221Z","last_seen":"2026-02-26T20:07:25.499975Z","alert_count":2,"request_count":2,"received_data":883,"sent_data":1102,"comment":"","tags":null,"fingerprints":null},{"fqdn":"344a78img.a0008a.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-04-03","domain_rank":0,"first_seen":"2025-07-30T04:41:26.918474Z","last_seen":"2026-02-26T00:11:53.589793Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":487,"comment":"","tags":null,"fingerprints":null},{"fqdn":"zaixksi.jingyi-edu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-03-11","domain_rank":0,"first_seen":"2026-03-04T02:46:56.158687Z","last_seen":"2026-03-04T02:46:56.158687Z","alert_count":2,"request_count":2,"received_data":28770,"sent_data":966,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-01T22:20:53.525798Z","alert_count":0,"request_count":1,"received_data":456343,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0e885d.d9c8f912.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"714711cd68f029edafa6ab087f7dfe93","sha1":"6354f9ee41d4ee9a3df124281bd22e0c2d507370","sha256":"f2e041275dff90ac47488d2f49e161dd21cd8ecfc35f4ee81e0c816afbe3f7dd","sha512":"4d4ac7873175e901262fdf880c5cf54417a4e0fb66cdfaea94867dd99cb76f71b4dd3a2e96e70bce9b71c48afe64e21c3e30f15f12817d0c65f8294b315fcaaf","ssdeep":"","tlshash":"80d02b5e3081f44515bea5ec516f6391aa7b39a01e5624510d60b0d07734489812168f","size":257,"data":"","first_seen":"2025-04-27T22:25:38.191844Z","last_seen":"2026-04-04T10:02:38.91026Z","times_seen":18205,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-8FRE3KY7VN","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a124aca9a33820bd7cd2c1747fb8fc","sha1":"c4625fcd4be297ccdaf5ba8f5758700bb178ec50","sha256":"a9f05ac54b62681e11fd4f660edee8e3875f55f1136f701818196f7af34e42e5","sha512":"469a833182e99d3eafea55ce8b916c73261c95c20045d8e9765a587322b2da4cbc38bf58ad5088c1a70ecef96bf7cad27e69d41d6729ac93dc3c64432fe10b2a","ssdeep":"6144:DPXRiRcWyFwFl5MGJEf4Sp8dYqEGiQybJbCebVLQsPRgApN3q:dmpyFwFld2p89ebaR","tlshash":"f2a419ce73c670225296f478503f018ba57b68a2b45ccc96f199cce42e74a9a4277f7c","size":455739,"data":"","first_seen":"2026-03-04T02:45:50.500581Z","last_seen":"2026-03-04T02:52:46.261978Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0a3529.c166e1a1.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a3ae42df44a01557a7182f000a7cfcb","sha1":"1ab42fd4fccc139fc48e075e54b64f506f9e2f0d","sha256":"b22cd2d8ffdfe96036d9a824863f3342126a8ed17615bda1a1ca1774964bcbc3","sha512":"b2fadab7e2d28ffa1ed68abcfadf998070c75ba941c370d99990eca9502a714bd45d2ecfd0f9b4918a144d711c66a30953ae80ac2088f13eec1896b75e7f6e91","ssdeep":"","tlshash":"5d1176cdb0c1f4c48637e0a8306b329ba33f28956c0999958f95b0d67b21158a762b9f","size":881,"data":"","first_seen":"2024-12-28T16:15:55.716131Z","last_seen":"2026-04-04T10:02:38.825038Z","times_seen":18252,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0f0692.0504ba0d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bdd0c7a665400d7d85f52220b49e2158","sha1":"181c07b03ec182a9ca7be4c7c1ce4aa340eccf24","sha256":"9a0bfde4cdac09bbd966cdf2f175686e833952339cc1117ea61aa7a0bd5d52e4","sha512":"73f146cf75df0c4553c35ccfba04f1faf010befb92a482d13e9c150610174693e63b9b9bae6c764874cc3e0b849ca1e1f122dc01857dd87af02d0c8cb364cf89","ssdeep":"48:lD/rF5jQ9VcKRlWdV1HwiTGWiC3DQVUbBubKDeAOnRenMERUuTFHMllxbXxK/ebM:Ro9VcCa5FYKJatULxkfNmb","tlshash":"d991e88db1c2f6940737a1b4c0bf219be77e2ce1784a96508e91b0e17e24165b773a1b","size":4218,"data":"","first_seen":"2025-02-20T10:16:23.066778Z","last_seen":"2026-04-04T10:02:38.923222Z","times_seen":18349,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-01ee470e.a3d50b05.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e5f1c43ece9ed339203056efacffcc57","sha1":"2589bb954da153b886f9b4cdad520f4fe528ae58","sha256":"60ee48c5c21171d648248e28a25012199ba7a99c93c5a3c4fe63b7f898668199","sha512":"22f524efd41dc39f7332dbfbe23a8a8f1dff74f42f755079c9e00d972863f9b54b3e3aa14b69159b03dba6af492766ef5d6794130ad14d4a2925860ced5b873c","ssdeep":"1536:Ix4PNjoBpSRXs472UzgYFLIENqFLWo1S/YUqDRmEyTOOwnCFypj67DaJuXvll2YQ:Ix4PNjoBk5SaNgFHviXv5dEHvWCntww","tlshash":"25e3098cb2c6f4b94ab371a1203f2506f3715ec4a419e544b638d9c1ef9486d536eb3e","size":151176,"data":"","first_seen":"2026-02-11T20:26:16.593965Z","last_seen":"2026-03-05T02:04:20.372017Z","times_seen":1400,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-f2895cd8.231b68ee.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"59bbde6ff8030fd5793e4c55aa1f421a","sha1":"e886e7989289635d69dac2048e8a5b0d7a1c2f8f","sha256":"acdfacb39db5a8dba2901273cf10fb5cdece229aceb541e684091ae5923ad119","sha512":"815ac127968e285be86b574a2e460eeadb385f77768289f564573231660075f53efa2e31d13411ac08e0b5fad4f6407c469f38a4f43dd0e3ccdc58b2a41b7b97","ssdeep":"3072:OOofIp+cF2PpQw0wPVgSv+yj4yBtblt1Nq7jRa1Qst8VPfOooWC:Ou+0itbla1c","tlshash":"2304f889b6d2f4b50aa7a0e5002f1106f23a5e49b81ad099f774d8d1edb4c4e533bf78","size":184659,"data":"","first_seen":"2026-02-25T11:07:02.370406Z","last_seen":"2026-03-05T02:04:20.42487Z","times_seen":232,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-3b31b386.46091465.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9bb9c28a2ea36dacc29bb61343ce1340","sha1":"a37792a198d20d23480bf744eafde7c3a31d3766","sha256":"0f7518d25f36e799f5d4364c4712cece7f372d5a46e0842efb5966656391d214","sha512":"bbd51e240e9c38df83012fd2d1fed3052c678474967d6cc02f255e96f805cbb5256147919ac5302171cf660347581e952f62d2aa9b04bdf2dd2bb1300bfe1e0c","ssdeep":"384:JGaZPEJE2DaFsEszsyD9fxEb1zOqxCTAcp+SeFmuVPV1VX/vL0gHPp9bvEdnWak2:JGwPE6k7YNVTtjNakn2","tlshash":"c2c2b69cb1daf0860fb260b054bf5107f27a6d98a80994c1b970e4c17db4e96a372f7d","size":26895,"data":"","first_seen":"2025-12-12T04:38:56.896059Z","last_seen":"2026-04-04T10:02:38.858419Z","times_seen":6338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/saconfig/secure/yunwei.js?0.35993051131508724","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fcc9440f7a59f458b991fe0ed0ad70b6","sha1":"b5a3b71d0872d6a240c5ac1a02cf40d83b7a9118","sha256":"06445e94c0f0be86d20e1c995f901722de18f4798316ebb4bfbdf88b12f830bf","sha512":"9f31b0e965103b8cc9d3fecb5a5cde16012535943953d1ac8a5c380ad6e8cad20a776b763f0659f0547d6ada03e88543dda9bcf43ece846d2a581b2ecde77888","ssdeep":"","tlshash":"5f2175e74898c91812b04298a25f3f48ff501b2710c38c5bf5be11802f3b57eb3a1994","size":1347,"data":"","first_seen":"2025-12-29T13:32:32.227692Z","last_seen":"2026-03-27T08:03:34.249462Z","times_seen":5374,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-vendors.e3af7139.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a7a700a35995235565f04c1f16c4425","sha1":"4b23bc5d5c3e42ebf3ab81de227c4cb61dce8040","sha256":"8eb5bb2709c4d6727b08fdedb318d92f957b499c3dd9b092caaec0e61e088be4","sha512":"038528acd5b5ae3282c695519f90e34c63cf4dce8b33f13fc2cdadd2351e45c141936dc4ca5835d028342cc68117ba665546ee23c395eb8b6bc1b2d793ab0e46","ssdeep":"12288:/L6dFoDNRsesoamsW0ABExHAv/qsSANCicR:j6dFKPszohGmvLSANCtR","tlshash":"4f250a88b791b06143a775e4002f500bf27bba6da40e44acf669d4f5bcb894e553bf38","size":1006093,"data":"","first_seen":"2026-02-25T11:07:02.265443Z","last_seen":"2026-03-12T02:08:12.158924Z","times_seen":286,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-78c8c59b.5d16164a.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"58432c13596178ce8132f34ba9ab41e8","sha1":"633a66579f9f63cb5a5a0da66420cc5d18a4ffd7","sha256":"dba26d1bee82335ba89ea54bd55e746316919c6d1264d6452041e54e065a90cf","sha512":"c588b43351fc74373e9396e57d387997336fe4ab48ff89092863a314b262d895d1383b9a9d184e2d72c9b40c530db21ec43579962816d2a26965914b88882c75","ssdeep":"3072:Iz98tbsQZQUNJ3ak9uPRj+n55b7cQ0fG9l/lARKJ4P43HdIXRb2CqFF+sPXIt3mF:ltb1l/l9Hy4iK","tlshash":"12e3e849b5d7f4b90af76162103f3606f03b1e80a419e099fb38ddc19aa491e527af3d","size":146768,"data":"","first_seen":"2026-03-03T06:51:57.079486Z","last_seen":"2026-03-05T02:04:20.429013Z","times_seen":82,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/js/news.js?0.5487611980953083","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"973741c799383e7ec2a1240f291b74f9","sha1":"5072708f9579918b1ac307a1cc32a5dccdb39cb4","sha256":"5dfa1a006dc84137e102aa9143f8ebce25ea3c47f77f6b7fea9387b7df73d492","sha512":"b3edc04151ecd5414e74bdc0071d14157f256d2df61570f28c5857fc346a08a129c216b7e95783f2d37ed7f93248c02584ac348840beb77423059f43fa32dd5f","ssdeep":"384:682v44a41FyDJLFY9BoHUCS9UZuA9n4/LpalQ:pxON2YA9n4DpZ","tlshash":"6e524b3b632dabde180906ea0b058018780c2faf58336b54fff395ad20ec9564b7596d","size":14008,"data":"","first_seen":"2025-10-07T13:03:07.37578Z","last_seen":"2026-04-04T10:02:38.924147Z","times_seen":16948,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/remove.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"94ed439cb8de35a91de9bdad32469b29","sha1":"ae3e44a863b6dfe4e1fc2a007cb12a6890e17a9a","sha256":"a65d0eebe0466b32a77d96350fa3d63983cbdb6d2cd7b7ae7bfc03222e7f5430","sha512":"6b9206d6203b2e75f4883c2bfc79cc7c0020855c5e7c68c84ca87d924feff1f10275178174f08d4a98e7ab908a5e024af483e08384c3c8b44210372ecc500fcd","ssdeep":"","tlshash":"0eb092ba3241c66556c62f72a426a20c7fe930136c0ad07053040471d420eda10f7edb","size":124,"data":"","first_seen":"2024-06-10T01:44:34Z","last_seen":"2026-04-04T10:02:38.86685Z","times_seen":13532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-5ed6725d.fa14b133.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"feded89ac2fe52672be87cc3f69bad2b","sha1":"62f014bd8747ba4dca1052825f4597e326a5a294","sha256":"556d7c5a3a70f03afc4179876ff711633c465b9b4c07d25f1dd853246f9c902e","sha512":"f19db99724c10f4ac3593de9691b2061e634c10e29a593fe8c0c64ef781b5578cf71373f797b8aca90d6b3d7e68a311463fbe378a3ce605f5a754281ed621c93","ssdeep":"384:PEg3t1oNCBxjsuyaTRAadc+eMzeOHvzd1cRfFldxUbq47:sWeixjs5aFzdcwBzcRfndxD47","tlshash":"78b2844eb2c3b04527a3b068451f790bb3b93725648fc584f6aaded0a93d82f5272d1d","size":25675,"data":"","first_seen":"2026-02-25T11:07:02.350737Z","last_seen":"2026-03-12T02:08:12.164077Z","times_seen":378,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-74598ce2.53510329.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"055d4d35afef91473e347b39bc038786","sha1":"091d82536c19bf49ee14c8171471e9a12cae5947","sha256":"310fd4fd18bef0f3f8d20ae1a56fa560b3e29692742106c7f92443f336a38443","sha512":"efe18abe9661e52b7692b949d102f254aaa76a0e3c2166063d611773e3441c365ab7f36904642f3685498ce7100d1d1590509a86867331f200d424fd6f630bb5","ssdeep":"","tlshash":"13016dad7281e0d04fd690a0c077a3aff6aea9a07d49d32089a1e0e137105eb6123a47","size":745,"data":"","first_seen":"2024-12-14T05:41:20.950845Z","last_seen":"2026-04-04T10:02:38.885309Z","times_seen":18313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/js/abc.js?t=1772437211685","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"36b4adfce841f9a9b381d0845df16141","sha1":"a2b55da08e0d61a1c5e04af54f0b2b88b8c3f2c2","sha256":"58255f4d0b9330088342ef7c3a324b129ea9ed3080a9533e9154d32e2b23c05b","sha512":"fdb4d7b9bc8d01094483fce090c5243f428842ae8bb67b586d7ac978e1e32990498cdcabeb305389f1d84a6f1288991de02c90e825172b5889a9dac3edb99cb8","ssdeep":"384:WRYeJEvdEyGcncMWw9mdhL3EfcuJ0ighG6d67blvJdh/uB:8YeEdEyG24w9IEfcuJ0LG6d67blvd/uB","tlshash":"aea220550e5660149b6317bf7a2fa4e4e7b209270d44aa4fb61c6100efce62fedb0638","size":23276,"data":"","first_seen":"2026-03-03T06:51:57.057582Z","last_seen":"2026-03-05T02:04:20.459763Z","times_seen":83,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/3s_web_detect.js?product=344a78\u0026module=frontend_new\u0026v=20250507","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d14ddc3e8bc1dc79357b74159f71f04","sha1":"12df5570db8c8deb75256ec7aa78c50955bf8a41","sha256":"8b252c8fec657c4596fdc851ccfdeb8ed1c9b2433f19f63d643eb1d0275d669c","sha512":"6fc44d271e892bba6d48fe9ddbdde790bb336538f7e5925e00954a832530727524285dc7132da036117e2dc27424be78f740ea87192664c3ce1d64d87f3f0ba5","ssdeep":"768:N52s3s7wTspsksLhsN5AOzYGwDgWRb/AM07OTQpzfxe5qefL:NsojTQp2hIUgWp/AM07Tfxe5x","tlshash":"b7232a9d718a7075437366e9273ff208b0766aa0240e8400bb7695853c74e5be27bfed","size":45750,"data":"","first_seen":"2025-04-27T22:25:38.185365Z","last_seen":"2026-04-04T10:02:38.907924Z","times_seen":18535,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/fingerprint.min.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb3a87af78d24452e4b4c94427e5444a","sha1":"f85a210257a5878a075d3cf55109233aae4639e8","sha256":"00c7520bc1f8deef83b091924e25f5cffe6a6d22965d95bc6b790695b785c5e7","sha512":"5b7bef606d230310bba22124ad98e772a5e9e762df99a7d69cfa5ebd2bf4f267ab0254d8b9533be147c7ccdf6e7c21a6400a9ad7ea6cf0a0f728e7f55364873e","ssdeep":"1536:NSCtfIkmxPDB+nQZPpasUiPXHJhiSfa+yee4yGqvBFcbrtgJFc1N:MCtfIF1aUPpasUiP3Jh2+yN4y1A6jwN","tlshash":"8393188571e77424039250e5052f040ab23ea96d745e90bdfa6dd8e2bcb5c8e523ff78","size":89655,"data":"","first_seen":"2023-06-01T06:54:23Z","last_seen":"2026-04-04T10:02:38.896164Z","times_seen":18683,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/app.08ecfdb1.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9faf2997e8182f4ea27a1f6445ea6ab","sha1":"6e7e53f4513ca6bac42d6e38594a66e3cac39ecf","sha256":"cf7e902209d57ea1a515cbfd17b61d1d6fda411d2004ba7a33f8dd084d6713bf","sha512":"4038daf17d8a8e479e553e0c05ee18fb72426f59f44709535ef160f345f5a51269b0ae39245f58ff77ebd7ab0513a5d375029d196b1e1537837e8e1094b26246","ssdeep":"6144:rioJSV95QaQY197ewgWFnDv02DHAXfrn1c0vxWCJ:wtt19bFj02DwFJ","tlshash":"b6e4e8ed75cbf199076335b2612fb642b1aa7c41742e8522f734dcc2f550988a333ea9","size":664615,"data":"","first_seen":"2026-03-03T06:51:57.076353Z","last_seen":"2026-03-05T02:04:20.404242Z","times_seen":82,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-c045d38c.b80a1b4d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f8c5524a2bcefb34c1f66c95d9596ea3","sha1":"2d82db3bfdd2952df9ef079ee7787b282596e47f","sha256":"de24c81f3372531294ee4926a24bf92ee9f0611c3267e3b635c1db9a0218bf90","sha512":"b28b4307cb0172bb3f57286546bde289dc876a2ffe588c599eade18210a42eb3f4cd2d9d51c65a78f74aaa7c45003a1844323ef9e854f5a55f12b025395687ab","ssdeep":"768:OnU18iiyn2IplB3skTfys9aVqB0pZy9U901vNqV3lrTrCKRzISQ3Q49NzKfhCKWl:OFs1TfyqBquqJlrxFgh2zse0D","tlshash":"d943d588f695b05903a764a4002f140bf1bae928b85d58b4e751e4d27cf8eded07bf78","size":57229,"data":"","first_seen":"2025-11-20T02:21:21.469468Z","last_seen":"2026-04-04T10:02:38.897837Z","times_seen":10909,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-57cda438.f512d899.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8e0606efa56e48572d5dd7473c6043e","sha1":"ee928da7cea532f572842690068148748807df6c","sha256":"2c4e2e06df2c7d7e395bb7f7ae9d1fdfc96f6938225c68d02e948baaeab55133","sha512":"03beb204e4611ca4ae8e162daaa88ca09c0628720d3a1b7e3b3c68b734cbce97373955fed066ecfe628f310e8e521bb325ff97d13f55add216439bac5604f6b4","ssdeep":"192:bnE2JstMcPkbFp+O+lWYv+/hWFwEaOGAtkXfAnAqgQ7JehJ/M23nAzuQRRd:bnNJs+cCFp+OWT+ZWFwEaOrCEe5yuQzd","tlshash":"e7a2d1d936c0b066a3632a78413f391f70e29b51e94fce50be6bd2c0b96a0fd1257d49","size":21397,"data":"","first_seen":"2026-01-30T09:26:23.715514Z","last_seen":"2026-04-04T10:02:38.867647Z","times_seen":3379,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-24dd02d3.3e0142a2.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c5d4db2eb8bce648ef88c2d779142d8","sha1":"83d3c793ca0a7b4422ad14aa7c6ebebb6aef6263","sha256":"0a8d3ea31265201d3822648c6ef2d38287663a83ce22e9030d00a2c4918fba86","sha512":"78e58239c9b0b731eacc7cb1d28879bfe37cec97cd0770e0e63482ecde1c8641b1d1d0978712ecd07b193986356384c57cbe311a6371a82d1d499df7e8ed7cb5","ssdeep":"","tlshash":"8651a6ac35d3f6765776b67de0271249b3996d95240e5d12eb18f8c2b300c1ae2323d5","size":3061,"data":"","first_seen":"2025-10-03T04:20:57.632354Z","last_seen":"2026-03-05T02:04:20.441783Z","times_seen":16191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0d0bab.cd2fc1a8.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81888f1215e269075e2836e59416c641","sha1":"3dfe5514fab77fcc66863e0416350ddfe579ae56","sha256":"abfe652a8d79b5306640af6c84fcc499efffb37eb74f3338efe43daf80ded445","sha512":"1ca856180b5a2ae7de26efbd6ee13cb0480bd1c2836489d9c2fa553c04ace4950692ee58652008d3c8f7f70fcecbe48adb47ee37bbc0050ce4f6b9b8e6a6ac4b","ssdeep":"","tlshash":"44d0c29d7081f02808e7d9a5617fb3a77babbd842e07dc504d5490703a315ea5721acf","size":286,"data":"","first_seen":"2025-04-27T22:25:38.233173Z","last_seen":"2026-04-04T10:02:38.868455Z","times_seen":18132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-96005406.dfc809d6.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8439ebded5a4601039d488ec0800cb1","sha1":"03652fd8dc3e3e4ff222812c7dd50d789e64cee6","sha256":"d4cc9c1fa1bbb8d1d0d6df043c2d8f363978c63e9a33e9dae8e4fb9629a33a3a","sha512":"0979624238d5da3795041e0f7fd1e1c39c1b9e88f63aaea4856b1c3133086351cda07a96ebb99817b1626f90a1b3a3505f21c141e143e373ad12c6809a258baa","ssdeep":"192:bBLutXUqVvXco661Gik93nS7mhmpeWy5W5mYy055memwcBS+Z8bEMWB5p+/pSVi/:bBSltcokyv0Sw8bErpip7oIgDKjVd","tlshash":"2f9243cdb6cbf86003767170402fb106b67968807c4b9a49fa54e1e37e6046da276b7b","size":19857,"data":"","first_seen":"2025-12-12T04:38:56.826961Z","last_seen":"2026-04-04T10:02:38.892091Z","times_seen":6351,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-143a7152.0b1b0d14.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"861d5e59d4e707f685d217adb405a291","sha1":"4f56b83bde4d00b1085043d393f98aa2f49e1c03","sha256":"44fef1002101067f099d7053f4bbae0300d209461bacea49828d32646eb6d5c0","sha512":"26b963a07489f8b358488f0c35efc27f8cd16452554d57fa38e0b92e263a07981e60ca02fa1728b9e7c3465e96c12ae8661c8340ce582e41d9dd33966c96be80","ssdeep":"192:hR7nlHVIdJsZHW42RvSjW6UlFvyk1X1ZIhMPHC+VqNQCQLfOJp3dMqDuwGyeUZ7k:hR7IdJSE0W6UWjhyHCt+yeU5o","tlshash":"d782d89db2c2f0b15aa370a5502f610bf3355d84704ad1c1d238d9e0edb89ae437bead","size":19010,"data":"","first_seen":"2025-11-20T02:21:21.426791Z","last_seen":"2026-03-05T02:04:20.439075Z","times_seen":9937,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-218c9962.5d3f989b.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc1de173df03e26bfc6bd8fd052ed56f","sha1":"9745b1461cdc35b85abfeac7cb103707409e61db","sha256":"95ba2598a70e9252ec1aaaf789ab379b909562e1d6de3f015d7bc12492a9a48c","sha512":"4735b3b548a003d5d67c5c6399349a26ac815c61ecaf322ab469c0a512e83a800bf87a4263552f08a09821f1cf4f86b3d9291237c442799bdc09627f417099a9","ssdeep":"3072:pXVNfYSq8kyb46d9G4qQ/WmfH76LZL+kkIZJSB:pnfxkybDG4qQ/WmfH76LZL+kkI7SB","tlshash":"68d30889b31071a591e72256539e810263b35855b90ad0e431b6c8dbacbdd9c03ffffa","size":136351,"data":"","first_seen":"2023-03-07T12:21:20Z","last_seen":"2026-04-04T10:02:38.93107Z","times_seen":18483,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-62938ae4.1a3761ef.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3815bf3bb10dd5e1e02aac55c226b427","sha1":"f58cd168a5e3703ecff57ddf96744644ff493748","sha256":"37d75259dada6e6f6fa228b8596bc23d4d52fcbc5187d4298bf44224b65e8d3b","sha512":"68ac65be94020f6459f7ffcf57e69882b1a434867a8d1eea85325f754dcb7fd15316cd226fd0c5596836005b2301b3bb5af059d77758c45463a299cfa3e436a5","ssdeep":"768:dkvNvD9M/D3jx3MywSsSLF4WNWHJRW0lRqf10d+evmawTy9t2iJIsD/AwoHeC:0vVlMf10mZT6oiJVD/Axb","tlshash":"a8131918b08af1cf4e7370a1a41f2583f1a61b80d109e9a9f774d5c1e795d2d239e93e","size":44636,"data":"","first_seen":"2026-01-30T09:26:23.68339Z","last_seen":"2026-03-26T00:24:46.177279Z","times_seen":3190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-a9c7c5c2.2f7eb39d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"840fcfac4787230525796bb8d2a1b0a0","sha1":"2725a9c5bfb86bd2bcce36ff1795f2b0e6ca04f2","sha256":"012967ed7ffa710ca13c29f6a5a8cdf387117a649ef4da2fa457edb6f7a6d3e6","sha512":"dff797a96127b4db4901396c99ebab3c6fcac68e0d04e35fef82ccdbe188f73559fdc9c92d2dff13abab73fbc8d8dba28952822240f1ac237114836164e0734c","ssdeep":"192:ELSBzM03RDZG2PB1BxVTHKnA3NgpckeXtXgpY7zREgtk4EC1H1BxU:E4M0hDZR7bdustw14XVM","tlshash":"6a42d86cb186f172cdbbb2e3684f1595e3a61a4c480484cdb970eec65dd8e44632af3d","size":12890,"data":"","first_seen":"2025-12-12T04:38:56.876673Z","last_seen":"2026-03-05T02:04:20.456908Z","times_seen":5369,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d22c4f1.fae6d28c.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"166690ac780d03f8314a059f428a604c","sha1":"55242f5db60e06a61d4a798faa2bc14a94fa6277","sha256":"c2e827497b807a6b5ef6a5fd659b8890dde8ab13b04999aa2d6d9b6cfabdd9d5","sha512":"91ccad9b65336dfa6fd1e42529e0aac0d0e3d5fe7b4d339ffb2cd5e4a7905f1f2a5b645825aa30a56a7f3cadc782e95069b1d66c0b676e952885415cd2d9243c","ssdeep":"","tlshash":"52d02eae3041f420197ea5d410af33b6e2af34942ee914240ee0e4e03a618cc643164b","size":246,"data":"","first_seen":"2025-04-27T22:25:38.207325Z","last_seen":"2026-04-04T10:02:38.882705Z","times_seen":18272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/remove.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:27.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/static/remove.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:37:54 GMT\r\netag: \"699bf988-7c\"\r\nexpires: Thu, 04 Mar 2027 02:37:54 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:37:54 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 124\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"94ed439cb8de35a91de9bdad32469b29","sha1":"ae3e44a863b6dfe4e1fc2a007cb12a6890e17a9a","sha256":"a65d0eebe0466b32a77d96350fa3d63983cbdb6d2cd7b7ae7bfc03222e7f5430","sha512":"6b9206d6203b2e75f4883c2bfc79cc7c0020855c5e7c68c84ca87d924feff1f10275178174f08d4a98e7ab908a5e024af483e08384c3c8b44210372ecc500fcd","ssdeep":"","tlshash":"0eb092ba3241c66556c62f72a426a20c7fe930136c0ad07053040471d420eda10f7edb","first_seen":"2024-06-10T01:44:34Z","last_seen":"2026-04-04T10:02:38.86685Z","times_seen":13532,"resource_available":true,"data":null}},"time_used":1273,"timings":{"blocked":428,"dns":1,"connect":212,"send":0,"wait":412,"receive":0,"ssl":217},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/fonts/zl-fonts.ab79dc9f.woff2","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/fonts/zl-fonts.ab79dc9f.woff2 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://best34478-go66.kwarmirtile.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: font/woff2\r\ndate: Wed, 04 Mar 2026 02:46:27 GMT\r\netag: \"699bf985-80c8\"\r\nexpires: Thu, 04 Mar 2027 02:46:27 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:46:27 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 32968\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":32968,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32968, version 1.0","md5":"ab79dc9f9feb2102e4dde4c9ca845474","sha1":"e429eb21664969d58a1e21f14dabeb2dd46ea2a6","sha256":"7464bc7aee6809d09ab918e1a1705e52ec554974a583a2f962bc4cba0ece0ad6","sha512":"8c7a5304699c78cb916599d0a7b0ea5d7a3b9a99c946e1a44d712edb3c82612a0b6b540498d81c4f1fc27b6dba4644f09bc4bc03b428cefc656fce20ccc76ab1","ssdeep":"768:N/ogWnfQeLzswH0+bFe0KOuat9/8moAhLBevTA5SQoetH7HS:N/oCeLzss0+52Olt9/6YLwTQSgy","tlshash":"f5e2e1deb6c2b05ac9b142b3dd8da885dd8426cc63504ff793c58024bc8c5d3e9717aa","first_seen":"2026-02-06T02:02:05.852445Z","last_seen":"2026-04-04T10:02:38.911091Z","times_seen":2850,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-vendors.e3af7139.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:27.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-vendors.e3af7139.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:38:51 GMT\r\netag: W/\"69a554a3-f5a0d\"\r\nexpires: Thu, 04 Mar 2027 02:38:51 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:38:53 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1006093,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"4a7a700a35995235565f04c1f16c4425","sha1":"4b23bc5d5c3e42ebf3ab81de227c4cb61dce8040","sha256":"8eb5bb2709c4d6727b08fdedb318d92f957b499c3dd9b092caaec0e61e088be4","sha512":"038528acd5b5ae3282c695519f90e34c63cf4dce8b33f13fc2cdadd2351e45c141936dc4ca5835d028342cc68117ba665546ee23c395eb8b6bc1b2d793ab0e46","ssdeep":"12288:/L6dFoDNRsesoamsW0ABExHAv/qsSANCicR:j6dFKPszohGmvLSANCtR","tlshash":"4f250a88b791b06143a775e4002f500bf27bba6da40e44acf669d4f5bcb894e553bf38","first_seen":"2026-02-25T11:07:02.265443Z","last_seen":"2026-03-12T02:08:12.158924Z","times_seen":286,"resource_available":true,"data":null}},"time_used":1481,"timings":{"blocked":431,"dns":1,"connect":213,"send":0,"wait":616,"receive":0,"ssl":218},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_01.459fa8ed.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_01.459fa8ed.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-9f6\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2550\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2550,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"15a50389f0b504579c3201a8f64b667e","sha1":"fa7f2b6df2db13b072953d8f61084761750723dd","sha256":"5b3b38691e2e119a61e8a141cd403e171d1e89cb64c40580f7f4d6e011d32599","sha512":"e27b0c1ac1aeedadc40c22d28a0b7af69ee31b86ddac3a29b326b8a00a12957e16bd1a24e335a82ac7753692d0d1494520ef50eecf96220f2699a43d0879fbe5","ssdeep":"","tlshash":"25517d60ff6af395ef1e000d488827a2519eb450eaf7c71b0a4758ffcb390015205ae5","first_seen":"2025-12-29T13:32:32.243592Z","last_seen":"2026-04-04T10:02:38.830442Z","times_seen":5251,"resource_available":false,"data":null}},"time_used":4160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3s.hqvai.com/api/v1/stats/collect","fqdn":"3s.hqvai.com","domain":"hqvai.com","tld":"com"},"ip":{"addr":"38.150.72.238","port":443,"asn":142267,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:37.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.hqvai.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 24 Sep 2025 00:00:00 GMT","end":"Thu, 24 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:1E:74:31:EC:AC:CD:B1:2E:D8:AD:43:C6:EC:9C:C7:F3:AF:C8:FB","sha256":"D8:13:B1:71:B8:7C:BE:95:8D:73:43:F3:CC:AF:7C:31:F3:AA:B9:C6:3B:08:81:A1:3D:B6:A1:A3:45:B3:3A:37"}}},"request":{"raw":"POST /api/v1/stats/collect HTTP/1.1\r\nHost: 3s.hqvai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 12213\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12213,"data":"code=eyJkYiI6IjM0NGE3OCIsImdsb2JhbCI6eyJpZCI6IjRmMzhkZGM4ODZjOGFlMjI2MGE2MWE3MzQ0YzljY2M4IiwicHJvZHVjdCI6IjM0NGE3OCIsIm1vZHVsZSI6ImZyb250ZW5kX25ldyIsImRvbWFpbiI6Ind3dy55amVkc2dueC5jb20iLCJwYWdlIjoiL3JlZ2lzdGVyIn0sImRhdGEiOnsidF8zc19odG1sX2FqYXgiOlt7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9pbWFnZS1sb2FkaW5nLmYzZDkxYjcwLnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM4OTg2NiwibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6NTg2LCJyc3Bjb2RlIjoyMDAsInJzcHNpemUiOjEyMzcxfSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9sb2FkaW5nLWljb24uYTNlY2Y4ZGEucG5nXy5hdmlmP3Y9MjAyNjAyMDEiLCJ0aW1lIjoxNzcyNTkyMzg5ODY3LCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo1ODYsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTAxODF9LHsidXJsIjoiL19nbGF4eV8zNDRhNzhfL3dlYlRva2VuIiwidGltZSI6MTc3MjU5MjM5MDE0NywibWV0aG9kIjoiUE9TVCIsInJzcHRpbWUiOjY0NCwicnNwY29kZSI6MjAwLCJyc3BzaXplIjo0MjR9LHsidXJsIjoiL19nbGF4eV8zNDRhNzhfL3dlYnNvY2tldC92My9qcC9wb29scyIsInRpbWUiOjE3NzI1OTIzOTA3MzgsIm1ldGhvZCI6IlBPU1QiLCJyc3B0aW1lIjo0MjIsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MzYwMH0seyJ1cmwiOiIvX2dsYXh5XzM0NGE3OF8vc3lzZGF0ZSIsInRpbWUiOjE3NzI1OTIzOTA3OTAsIm1ldGhvZCI6IlBPU1QiLCJyc3B0aW1lIjo0MTMsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MjUxfSx7InVybCI6Ii9fZ2xheHlfMzQ0YTc4Xy9keW5hbWljL3F1ZXJ5IiwidGltZSI6MTc3MjU5MjM5MTAyNCwibWV0aG9kIjoiUE9TVCIsInJzcHRpbWUiOjQwOSwicnNwY29kZSI6MjAwLCJyc3BzaXplIjo2MzV9LHsidXJsIjoiL19nbGF4eV8zNDRhNzhfL3Byb2dyYW0vZ2V0U2V0dGluZ0dyb3VwIiwidGltZSI6MTc3MjU5MjM5MTA3MywibWV0aG9kIjoiUE9TVCIsInJzcHRpbWUiOjgzNiwicnNwY29kZSI6MjAwLCJyc3BzaXplIjo1NzJ9LHsidXJsIjoiL19nbGF4eV8zNDRhNzhfL3Byb2dyYW0vZ2V0Q3VzdG9tU2V0dGluZyIsInRpbWUiOjE3NzI1OTIzOTE3MDEsIm1ldGhvZCI6IlBPU1QiLCJyc3B0aW1lIjo0NDEsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTY4fSx7InVybCI6Ii9fZ2xheHlfMzQ0YTc4Xy9jaGVja0lzQ05JcCIsInRpbWUiOjE3NzI1OTIzOTE3NTksIm1ldGhvZCI6IlBPU1QiLCJyc3B0aW1lIjo0MDIsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTAzfSx7InVybCI6Ii9fZ2xheHlfMzQ0YTc4Xy9keW5hbWljL3F1ZXJ5IiwidGltZSI6MTc3MjU5MjM5MTgxMiwibWV0aG9kIjoiUE9TVCIsInJzcHRpbWUiOjQzMywicnNwY29kZSI6MjAwLCJyc3BzaXplIjoyNDA3fSx7InVybCI6Ii9fZ2xheHlfMzQ0YTc4Xy9saXZlQ2hhdEFkZHJlc3NPQ1NTIiwidGltZSI6MTc3MjU5MjM5MTg2MSwibWV0aG9kIjoiUE9TVCIsInJzcHRpbWUiOjQxNSwicnNwY29kZSI6MjAwLCJyc3BzaXplIjoxODd9LHsidXJsIjoiL19nbGF4eV8zNDRhNzhfL21lc3NhZ2Uvbm90aWNlIiwidGltZSI6MTc3MjU5MjM5MTk2OCwibWV0aG9kIjoiUE9TVCIsInJzcHRpbWUiOjQyNCwicnNwY29kZSI6MjAwLCJyc3BzaXplIjo4Mjh9LHsidXJsIjoiL19nbGF4eV8zNDRhNzhfL3F1ZXJ5VklQTGluZSIsInRpbWUiOjE3NzI1OTIzOTE5MDksIm1ldGhvZCI6IlBPU1QiLCJyc3B0aW1lIjo0OTYsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTI0fSx7InVybCI6Ii9fZ2xheHlfMzQ0YTc4Xy9hcHBEb3dubG9hZC9jb25maWdMaXN0IiwidGltZSI6MTc3MjU5MjM5MjAyMywibWV0aG9kIjoiUE9TVCIsInJzcHRpbWUiOjQzOSwicnNwY29kZSI6MjAwLCJyc3BzaXplIjo0NjQ4fSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9pbWFnZS1sb2FkaW5nLmYzZDkxYjcwLnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MTY0OCwibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6ODM3LCJyc3Bjb2RlIjoyMDAsInJzcHNpemUiOjEyMzcxfSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9iYWNrZ3JvdW5kLjRjMzgxYmY2LnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MTY0NywibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6ODQ1LCJyc3Bjb2RlIjoyMDAsInJzcHNpemUiOjIwNzIzfSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9oYXphcmQtcmVnaXN0ZXJAMnguYTgwOGYyNGEucG5nXy5hdmlmP3Y9MjAyNjAyMDEiLCJ0aW1lIjoxNzcyNTkyMzkxNjQ2LCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo4NDksInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTE5MTM4fSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9sb2dvLWJhbm5lci1wYS45NTNiYTVhYi5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODIsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQxNiwicnNwY29kZSI6MjAwLCJyc3BzaXplIjoxNjg5Mn0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvejZpY29uLjlhYTdjYTk3LnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MjA4MywibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6NjA3LCJyc3Bjb2RlIjoyMDAsInJzcHNpemUiOjQ4ODZ9LHsidXJsIjoiaHR0cHM6Ly9iZXN0MzQ0NzgtZ282Ni5rd2FybWlydGlsZS5jb20vY2RuLzM0NGE3OEZXMi9hc3NldHMvaW1nLzIwMjQtbG9nby1iYW5uZXItMi5iODdlNDUwNS5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODIsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjYwOSwicnNwY29kZSI6MjAwLCJyc3BzaXplIjo0MTQxNn0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvaW5kZXhfMS41NjA0MTViNy5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODQsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjYwOCwicnNwY29kZSI6MjAwLCJyc3BzaXplIjoyMzIwfSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9pbmRleF8zLjc4NmE2YWUyLnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MjA4NCwibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6NjEwLCJyc3Bjb2RlIjoyMDAsInJzcHNpemUiOjI5MTV9LHsidXJsIjoiaHR0cHM6Ly9iZXN0MzQ0NzgtZ282Ni5rd2FybWlydGlsZS5jb20vY2RuLzM0NGE3OEZXMi9leHRlcm5hbHMvc3RhdGljL193bXMvX2wvX2RhdGEvdmVyc2lvbi92ZXJzaW9uQ29udHJvbC5qc29uPzE3NzI1OTIzOTIyOTUiLCJ0aW1lIjoxNzcyNTkyMzkyMjk2LCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo0MDEsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTY0NH0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2V4dGVybmFscy9pbWcvX3dtcy9lbnRyeV9pbWcvZmlyc3REZXBvc2l0LmpwZ18uYXZpZj92PTE3NzI1OTIzOTIyMjkiLCJ0aW1lIjoxNzcyNTkyMzkyMjQzLCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo0NTQsInJzcGNvZGUiOjAsInJzcHNpemUiOjB9LHsidXJsIjoiaHR0cHM6Ly9iZXN0MzQ0NzgtZ282Ni5rd2FybWlydGlsZS5jb20vY2RuLzM0NGE3OEZXMi9hc3NldHMvaW1nL25ld3lhcjIwMjYuMDk2NWUyOWEuanBnXy5hdmlmP3Y9MjAyNjAyMDEiLCJ0aW1lIjoxNzcyNTkyMzkyMDkwLCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo2MDksInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6Mjc3NjV9LHsidXJsIjoiaHR0cHM6Ly9iZXN0MzQ0NzgtZ282Ni5rd2FybWlydGlsZS5jb20vY2RuLzM0NGE3OEZXMi9hc3NldHMvaW1nL2luZGV4XzA0Ljg2MjkyMGM0LnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MjA4NywibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6NjEyLCJyc3Bjb2RlIjoyMDAsInJzcHNpemUiOjM0OTF9LHsidXJsIjoiaHR0cHM6Ly9iZXN0MzQ0NzgtZ282Ni5rd2FybWlydGlsZS5jb20vY2RuLzM0NGE3OEZXMi9hc3NldHMvaW1nL2ljb24tbWlzc2lvbi1jZW50ZXIuZTc4N2RmZTMucG5nXy5hdmlmP3Y9MjAyNjAyMDEiLCJ0aW1lIjoxNzcyNTkyMzkyMDg4LCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo2MTUsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTA4NH0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvaWNvbi1wcm9tby1jZW50ZXIuZjUwYTQ2N2MucG5nXy5hdmlmP3Y9MjAyNjAyMDEiLCJ0aW1lIjoxNzcyNTkyMzkyMDg4LCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo2MjMsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTE2NX0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2V4dGVybmFscy9pbWcvX3dtcy9fbC9mb2xkZXIvYnJhbmQvUEMtSlBzZWNvbmQtcmVnLTc1MHgyNTAuanBnXy5hdmlmP3Y9MTc3MjU5MjM5MjIyOSIsInRpbWUiOjE3NzI1OTIzOTIyNDIsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQ3MSwicnNwY29kZSI6MjAwLCJyc3BzaXplIjo3ODMyMH0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvaWNvbi1kdS44MDdkMjA5Yi5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODksIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjYyNSwicnNwY29kZSI6MjAwLCJyc3BzaXplIjoxNzQxfSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9pbmRleF8wMy5iODY1ZjQyZS5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODcsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjYyOCwicnNwY29kZSI6MjAwLCJyc3BzaXplIjozMTg5fSx7InVybCI6Ii9fZ2xheHlfbGl2ZS9wdWJsaWMvbGl2ZS9yb29tL2dldFJvb21MaXN0IiwidGltZSI6MTc3MjU5MjM5MjI5OSwibWV0aG9kIjoiUE9TVCIsInJzcHRpbWUiOjQyOCwicnNwY29kZSI6MjAwLCJyc3BzaXplIjoxMDN9LHsidXJsIjoiL19nbGF4eV8zNDRhNzhfL2dhbWUvcXVlcnlHYW1lcyIsInRpbWUiOjE3NzI1OTIzOTMxMzIsIm1ldGhvZCI6IlBPU1QiLCJyc3B0aW1lIjo1MzEsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MTYyMDh9LHsidXJsIjoiaHR0cHM6Ly9iZXN0MzQ0NzgtZ282Ni5rd2FybWlydGlsZS5jb20vY2RuLzM0NGE3OEZXMi9hc3NldHMvaW1nL2ljb24tdmlwLjU3YjM4NDlhLnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MjA4OSwibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6NDA0NSwicnNwY29kZSI6MjAwLCJyc3BzaXplIjoxMjM3fSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9pbmRleF8wNS5mMzE1MzA5Ni5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODgsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQwNDgsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MzEwMn0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvaW5kZXhfNi4zMWI4NDk5My5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODUsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQwNTIsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MjU4OX0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvaW5kZXhfNC5iMzk3OGIzNS5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODUsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQwNTQsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MzE3NX0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2V4dGVybmFscy9pbWcvX3dtcy9fbC9mb2xkZXIvbWFpbl9iYW5uZXIvUENINXJzZ3MwNTIwLTc1MHgyNTIuanBnXy5hdmlmP3Y9MTc3MjU5MjM5MjIyOSIsInRpbWUiOjE3NzI1OTIzOTIyNDQsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQwNTEsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MzYzNjF9LHsidXJsIjoiaHR0cHM6Ly9iZXN0MzQ0NzgtZ282Ni5rd2FybWlydGlsZS5jb20vY2RuLzM0NGE3OEZXMi9hc3NldHMvaW1nL2luZGV4XzA2LjFmMGY1MWYyLnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MjA4OCwibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6NDIwOCwicnNwY29kZSI6MjAwLCJyc3BzaXplIjoyODA1fSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9pbmRleF8wMi5iYTkwNGQwNC5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODYsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQyMTUsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MjQ4NX0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvaW5kZXhfMDEuNDU5ZmE4ZWQucG5nXy5hdmlmP3Y9MjAyNjAyMDEiLCJ0aW1lIjoxNzcyNTkyMzkyMDg2LCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo0MjE2LCJyc3Bjb2RlIjoyMDAsInJzcHNpemUiOjI1NTB9LHsidXJsIjoiaHR0cHM6Ly9iZXN0MzQ0NzgtZ282Ni5rd2FybWlydGlsZS5jb20vY2RuLzM0NGE3OEZXMi9hc3NldHMvaW1nL3psLW1haWwtcmVnLWFkLmM1MGVjY2NmLnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MTY1MCwibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6NDY1OCwicnNwY29kZSI6MjAwLCJyc3BzaXplIjo2OTc1fSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9sb2dvXzIwMjQuMDRjYjJjZjgucG5nXy5hdmlmP3Y9MjAyNjAyMDEiLCJ0aW1lIjoxNzcyNTkyMzkyMDgxLCJtZXRob2QiOiJHRVQiLCJyc3B0aW1lIjo0MjI5LCJyc3Bjb2RlIjoyMDAsInJzcHNpemUiOjEyNDc4fSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9pbmRleF8wLjc1ZTdmMzQxLnBuZ18uYXZpZj92PTIwMjYwMjAxIiwidGltZSI6MTc3MjU5MjM5MjA4MywibWV0aG9kIjoiR0VUIiwicnNwdGltZSI6NDIyOCwicnNwY29kZSI6MjAwLCJyc3BzaXplIjoyMDc5fSx7InVybCI6Imh0dHBzOi8vYmVzdDM0NDc4LWdvNjYua3dhcm1pcnRpbGUuY29tL2Nkbi8zNDRhNzhGVzIvYXNzZXRzL2ltZy9pbmRleF8wMC5mODQ3MzM3Yy5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODYsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQyMzIsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MjM2N30seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvaW5kZXhfNS5jZDQ3OGEwZi5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODUsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQyMzQsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6Mjc4OH0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2V4dGVybmFscy9zdGF0aWMvX3dtcy9fbC9fZGF0YS9mb3JtL3dtcy1mb3JtLWhlYWRlclNsb3QuanNvbj9lNWE1NDU5ZmI5NThlZTUzYTY4MWQyODI2NDQ5ZTg4YyIsInRpbWUiOjE3NzI1OTIzOTI2OTYsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjM2MzQsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MjQ1Nn0seyJ1cmwiOiJodHRwczovL2Jlc3QzNDQ3OC1nbzY2Lmt3YXJtaXJ0aWxlLmNvbS9jZG4vMzQ0YTc4RlcyL2Fzc2V0cy9pbWcvaW5kZXhfMi5mZmUyYTAxZS5wbmdfLmF2aWY/dj0yMDI2MDIwMSIsInRpbWUiOjE3NzI1OTIzOTIwODQsIm1ldGhvZCI6IkdFVCIsInJzcHRpbWUiOjQyNTIsInJzcGNvZGUiOjIwMCwicnNwc2l6ZSI6MjIwOH1dLCJ0XzNzX2h0bWxfZXJyb3IiOltdLCJ0XzNzX2h0bWxfaW5mbyI6W3sidGl0bGUiOiIiLCJyZWZlcmVyIjoiaHR0cDovL3phaXhrc2kuamluZ3lpLWVkdS5jb20vIiwidXNlci1hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEzNC4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEzNC4wIn1dLCJ0XzNzX2h0bWxfbG9hZCI6W3sidGltZSI6MTc3MjU5MjM4NTA5NiwicmVkaXJlY3QiOjAsImZldGNoc3RhcnQiOjE3NzI1OTIzODUwOTYsImRucyI6MSwidGNwIjo1NDUsInR0ZmIiOjI1NiwiZG93bmxvYWQiOjEsInByb2Nlc3NpbmciOjk4MCwibG9hZCI6MSwiZG9tY29udGVudGxvYWRlZCI6MTQ0OSwib25sb2FkIjoxOTk0LCJmaXJzdHNjcmVlbiI6MCwic2l6ZSI6MjAzNSwicGluZ2NkbiI6MCwibGNwIjotMSwiZm1wIjo2OTgyLCJqc2xvYWR0aW1lIjozMzQ5LCJmY3AiOjB9XX0sInRpbWUiOjE3NzI1OTIzOTcxNTR9"}},"response":{"raw":"HTTP/2 201 Created\r\naccess-control-allow-headers: x-requested-with\r\naccess-control-allow-method: POST\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Correlation-ID\r\nallow: POST, OPTIONS\r\ncontent-type: application/json\r\ncorrelation-id: 956bcd5ec1824993aea908baf654c1a1\r\ncross-origin-opener-policy: same-origin\r\ndate: Wed, 04 Mar 2026 02:46:38 GMT\r\nreferrer-policy: same-origin\r\nserver: FastServer\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\ncontent-length: 71\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"201","status_text":"Created","fingerprints":null,"data":{"size":71,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ff8f8a886d6a0016d0238067fd81df54","sha1":"acba952dd988c109670b41b39648723623e13fab","sha256":"086912ba36d51a2e33dda43af78481f105b7904718ef3b1e18c996f618416bca","sha512":"0ebee3a441bfc17f1188f92bf9b3b186a0dccd0b558f38399e07e97ab019055fe3b70b85999c086b50a15f15d04f01d96192bd006727ea032faf1856e9320c29","ssdeep":"","tlshash":"eca022c08e00af380303c032b808a0c002b8208300f8e208cc0c08fc0380b3200ce32a","first_seen":"2024-10-11T08:41:49.929622Z","last_seen":"2026-03-23T22:34:14.147783Z","times_seen":84,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"3s.hqvai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awscloud.servicefu.com/cdn/344a78FW2/static/cdn_test.jpg?1772592386814","fqdn":"awscloud.servicefu.com","domain":"servicefu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:26.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"servicefu.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:88:C0:D2:24:EC:6C:05:EE:9E:86:62:7A:B7:F1:CA:04:FB:62:4F","sha256":"FF:A8:3A:F1:9C:62:88:67:9F:4B:EA:BC:81:CC:2A:BF:CF:BC:9C:A9:34:41:75:C9:DC:D2:A2:14:6F:7F:DA:03"}}},"request":{"raw":"GET /cdn/344a78FW2/static/cdn_test.jpg?1772592386814 HTTP/1.1\r\nHost: awscloud.servicefu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":890,"timings":{"blocked":443,"dns":1,"connect":208,"send":0,"wait":0,"receive":0,"ssl":236},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"awscloud.servicefu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/js/news.js?0.5487611980953083","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:26.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"GET /js/news.js?0.5487611980953083 HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:26 GMT\r\netag: W/\"68e47548-36b8\"\r\nlast-modified: Tue, 07 Oct 2025 02:04:56 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14008,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"973741c799383e7ec2a1240f291b74f9","sha1":"5072708f9579918b1ac307a1cc32a5dccdb39cb4","sha256":"5dfa1a006dc84137e102aa9143f8ebce25ea3c47f77f6b7fea9387b7df73d492","sha512":"b3edc04151ecd5414e74bdc0071d14157f256d2df61570f28c5857fc346a08a129c216b7e95783f2d37ed7f93248c02584ac348840beb77423059f43fa32dd5f","ssdeep":"384:682v44a41FyDJLFY9BoHUCS9UZuA9n4/LpalQ:pxON2YA9n4DpZ","tlshash":"6e524b3b632dabde180906ea0b058018780c2faf58336b54fff395ad20ec9564b7596d","first_seen":"2025-10-07T13:03:07.37578Z","last_seen":"2026-04-04T10:02:38.924147Z","times_seen":16948,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"344a78img.a0008a.com/cdn/344a78FW2/static/cdn_test.jpg?1772592386814","fqdn":"344a78img.a0008a.com","domain":"a0008a.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:26.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a0008a.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 10:50:45 GMT","end":"Sun, 03 May 2026 11:49:04 GMT"},"fingerprint":{"sha1":"54:74:84:E9:53:A4:F5:3D:54:7A:54:4D:F7:A7:90:80:80:65:87:96","sha256":"59:A8:03:0E:05:61:D0:92:49:8E:F4:38:2C:2A:F6:BD:B3:D0:B2:6B:4F:1B:EE:C3:D6:E7:DE:CE:CE:54:97:27"}}},"request":{"raw":"GET /cdn/344a78FW2/static/cdn_test.jpg?1772592386814 HTTP/1.1\r\nHost: 344a78img.a0008a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":0,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/logo_2024.04cb2cf8.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/logo_2024.04cb2cf8.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-30be\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 12478\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12478,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"59e0f72c7a4d0d15fe1be140a0eef067","sha1":"245602aad2f4a384bd3dd00873917d673e1b4e0e","sha256":"11d433e3f2a4b61e98b3497b581e09f48e1f3d750b78c8f2b3eb7ea3623b9aab","sha512":"5d2403139b7c49fa1f4effcc55827b3974899cd368b5534c3b78568a656f9588c6a57b2fcc3356f223e34e769c2096f3918442973f9e136f524e57bff3210099","ssdeep":"192:TuqGYe4mvdzw5K/at8JODXluji80ofc4IqiQbMme2AC9QsThH0DvvPgvxj2tVPdu:yqGY/m105WajuulAp5u2R9HaLPiuu","tlshash":"9542d0d3551dea1818e2912edf3a26bd91a860f4e91fed0d9a09034bcfba11c6c13d87","first_seen":"2025-12-29T13:32:32.245638Z","last_seen":"2026-04-04T10:02:38.855703Z","times_seen":5249,"resource_available":false,"data":null}},"time_used":4199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4198,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/img/_wms/entry_img/firstDeposit.jpg_.avif?v=1772592392229","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/img/_wms/entry_img/firstDeposit.jpg_.avif?v=1772592392229 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\nserver: openresty\r\nx-cache: BYPASS\r\ncontent-length: 150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-04-04T12:40:29.535259Z","times_seen":33034,"resource_available":true,"data":null}},"time_used":439,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":439,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zaixksi.jingyi-edu.com/?3504923.html?gaomingezodkcl812718","fqdn":"zaixksi.jingyi-edu.com","domain":"jingyi-edu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T02:46:23.891Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /?3504923.html?gaomingezodkcl812718 HTTP/1.1\r\nHost: zaixksi.jingyi-edu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":705,"timings":{"blocked":0,"dns":357,"connect":170,"send":0,"wait":0,"receive":0,"ssl":175},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"zaixksi.jingyi-edu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-96005406.dfc809d6.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-96005406.dfc809d6.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:40:06 GMT\r\netag: W/\"69a554a3-4d91\"\r\nexpires: Thu, 04 Mar 2027 02:40:06 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:40:06 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19857,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (19771), with no line terminators","md5":"b8439ebded5a4601039d488ec0800cb1","sha1":"03652fd8dc3e3e4ff222812c7dd50d789e64cee6","sha256":"d4cc9c1fa1bbb8d1d0d6df043c2d8f363978c63e9a33e9dae8e4fb9629a33a3a","sha512":"0979624238d5da3795041e0f7fd1e1c39c1b9e88f63aaea4856b1c3133086351cda07a96ebb99817b1626f90a1b3a3505f21c141e143e373ad12c6809a258baa","ssdeep":"192:bBLutXUqVvXco661Gik93nS7mhmpeWy5W5mYy055memwcBS+Z8bEMWB5p+/pSVi/:bBSltcokyv0Sw8bErpip7oIgDKjVd","tlshash":"2f9243cdb6cbf86003767170402fb106b67968807c4b9a49fa54e1e37e6046da276b7b","first_seen":"2025-12-12T04:38:56.826961Z","last_seen":"2026-04-04T10:02:38.892091Z","times_seen":6351,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/fingerprint.min.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:27.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/static/fingerprint.min.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:38:54 GMT\r\netag: W/\"699bf988-15e37\"\r\nexpires: Thu, 04 Mar 2027 02:38:54 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:38:55 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89655,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65516)","md5":"bb3a87af78d24452e4b4c94427e5444a","sha1":"f85a210257a5878a075d3cf55109233aae4639e8","sha256":"00c7520bc1f8deef83b091924e25f5cffe6a6d22965d95bc6b790695b785c5e7","sha512":"5b7bef606d230310bba22124ad98e772a5e9e762df99a7d69cfa5ebd2bf4f267ab0254d8b9533be147c7ccdf6e7c21a6400a9ad7ea6cf0a0f728e7f55364873e","ssdeep":"1536:NSCtfIkmxPDB+nQZPpasUiPXHJhiSfa+yee4yGqvBFcbrtgJFc1N:MCtfIF1aUPpasUiP3Jh2+yN4y1A6jwN","tlshash":"8393188571e77424039250e5052f040ab23ea96d745e90bdfa6dd8e2bcb5c8e523ff78","first_seen":"2023-06-01T06:54:23Z","last_seen":"2026-04-04T10:02:38.896164Z","times_seen":18683,"resource_available":true,"data":null}},"time_used":1270,"timings":{"blocked":428,"dns":1,"connect":210,"send":0,"wait":410,"receive":0,"ssl":217},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-a9c7c5c2.2f7eb39d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-a9c7c5c2.2f7eb39d.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:39:44 GMT\r\netag: W/\"69a554a3-325a\"\r\nexpires: Thu, 04 Mar 2027 02:39:44 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:44 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3963\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12890,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12716), with no line terminators","md5":"840fcfac4787230525796bb8d2a1b0a0","sha1":"2725a9c5bfb86bd2bcce36ff1795f2b0e6ca04f2","sha256":"012967ed7ffa710ca13c29f6a5a8cdf387117a649ef4da2fa457edb6f7a6d3e6","sha512":"dff797a96127b4db4901396c99ebab3c6fcac68e0d04e35fef82ccdbe188f73559fdc9c92d2dff13abab73fbc8d8dba28952822240f1ac237114836164e0734c","ssdeep":"192:ELSBzM03RDZG2PB1BxVTHKnA3NgpckeXtXgpY7zREgtk4EC1H1BxU:E4M0hDZR7bdustw14XVM","tlshash":"6a42d86cb186f172cdbbb2e3684f1595e3a61a4c480484cdb970eec65dd8e44632af3d","first_seen":"2025-12-12T04:38:56.876673Z","last_seen":"2026-03-05T02:04:20.456908Z","times_seen":5369,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/hazard-register@2x.a808f24a.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/hazard-register@2x.a808f24a.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:31 GMT\r\netag: \"699bf986-1d162\"\r\nexpires: Thu, 04 Mar 2027 02:46:31 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 119138\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":119138,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"259377d7430932721b60f167c70b55f6","sha1":"acfcba7a8105e3560926997089bb0996aa9da76e","sha256":"c78bb2510d9a0c727736d169b6bf9fe3e2b3dd0c85223cc4258b4738ad4bbc8e","sha512":"5d5701fd7d4e1ad98bbd27abf7400bb8da09291f55622a09685cd0314d5686888b1b6d8110a1f6b2a54120f7c4e406b8521fc2b2f8bd8d65b391337849e0d33a","ssdeep":"3072:hzDvgtIc09R1d1KqWd0iLyxNBA1dby9URd7q8Uq0:tXZWd0Dx6bWUf7q8Uq0","tlshash":"16c3128cd8179622a5f48f8ed5db9de9c2301953eed6c9871c531789cd36f4cc60a289","first_seen":"2025-12-29T13:32:32.218415Z","last_seen":"2026-04-04T10:02:38.91554Z","times_seen":5281,"resource_available":false,"data":null}},"time_used":821,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":424,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_1.560415b7.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_1.560415b7.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf987-910\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2320\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2320,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"a089f9eed959f29a64d121dc135a0b8c","sha1":"df9c8aad5a3c24bb54c0d1a9d7e879110cb607a1","sha256":"574d72e827fd42febea8b744f9f177b3ee7cac4f04905897dba28770a1ea04c4","sha512":"8eaad70076b2a1c756cdf8d47036c666ad569aa440833918a62728f2b811936c32bae6e2624330ad1bf6d1620212ab8f59d28e791963152be158ec1fcc8038e2","ssdeep":"","tlshash":"a8411990b54db2604797836fa5082ee0361b7ae4d5f7d98c19619227eb331c49029ac0","first_seen":"2025-12-29T13:32:32.203156Z","last_seen":"2026-04-04T10:02:38.860971Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":573,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_2.ffe2a01e.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_2.ffe2a01e.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-8a0\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2208\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2208,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"55f03e4ec82f26d44665c87d97972468","sha1":"882d4d3c9275554eae2a6fad1bea5704cc1b06fc","sha256":"27b3e01b9f9a7123dcaa9e53ceedd0f4ca3d37debbd51b657f778f69e62278c9","sha512":"966b426de612499d27ebb0a8ea95332b19888fab38090ee7662335ef5002b74e27675132980897e262c62d9b72704cf29ff20447d169857afbed541c8cea52b9","ssdeep":"","tlshash":"01413c48e494a373131b572c4c1f5d59d9990e0afb24d64c6f5a47baf33181c86cb3d4","first_seen":"2025-12-29T13:32:32.234246Z","last_seen":"2026-04-04T10:02:38.916335Z","times_seen":5252,"resource_available":false,"data":null}},"time_used":4178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_02.ba904d04.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_02.ba904d04.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-9b5\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2485\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2485,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"65f021d5878e137838c38200bd68dfbd","sha1":"621852a670c3a895a97c311da892883b2a85923f","sha256":"7eca4898383b41b8d29368f91ca38b257fffd7a87157ce088fc7cda6164ef8d7","sha512":"45dc14f20553a00210e9befaf002883394c68f3b3227c3f9e2c1884f7c1ba10edca38cb079c95a22915a7e5cb09dca5c2967f882cfd592948cf53288714f2ce9","ssdeep":"","tlshash":"12510a46427e5b7193548f2c9888de594ecb7a07da53db253453a27bc63900914ec7c8","first_seen":"2025-12-29T13:32:32.214427Z","last_seen":"2026-04-04T10:02:38.899416Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":4156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/saconfig/secure/yunwei.js?0.35993051131508724","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:26.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"GET /saconfig/secure/yunwei.js?0.35993051131508724 HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:26 GMT\r\netag: W/\"695232ba-543\"\r\nlast-modified: Mon, 29 Dec 2025 07:50:18 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-length: 819\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1347,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"fcc9440f7a59f458b991fe0ed0ad70b6","sha1":"b5a3b71d0872d6a240c5ac1a02cf40d83b7a9118","sha256":"06445e94c0f0be86d20e1c995f901722de18f4798316ebb4bfbdf88b12f830bf","sha512":"9f31b0e965103b8cc9d3fecb5a5cde16012535943953d1ac8a5c380ad6e8cad20a776b763f0659f0547d6ada03e88543dda9bcf43ece846d2a581b2ecde77888","ssdeep":"","tlshash":"5f2175e74898c91812b04298a25f3f48ff501b2710c38c5bf5be11802f3b57eb3a1994","first_seen":"2025-12-29T13:32:32.227692Z","last_seen":"2026-03-27T08:03:34.249462Z","times_seen":5374,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-62938ae4.9807a17e.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-62938ae4.9807a17e.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:39:46 GMT\r\netag: W/\"69a5549f-e3aa\"\r\nexpires: Thu, 04 Mar 2027 02:39:46 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:46 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58282,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58282), with no line terminators","md5":"60a85fadb53a485e2349221b5bd699bf","sha1":"59f05ff4760e3324544e52d12c76f7ae339cc387","sha256":"87bae1354caed232e89b52c54ab7e663bdb72b7aec23abfd31d54a02e8e84c7d","sha512":"d43c2205c97852b49762a97e82e57e23ab7f2dfd93ac98f6c75343a75ed3b4913c42a5f03b4b0a6c9bb9afd7886088140fb52b6c5e6034909e95f6eda84f37f2","ssdeep":"1536:O6h3U6K16h3U6Kx6h3U6KY6h3U6Kip6h3U6KCGAr:OlBImyGAr","tlshash":"c143a6b9ed0f3571f13b86add2907c4d1a09b213c6130fa5b992e05af6caed127c6217","first_seen":"2026-01-30T09:26:23.68968Z","last_seen":"2026-03-05T14:33:04.676544Z","times_seen":2504,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/appDownload/configList","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/appDownload/configList HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: a6f12bb89c69b8a21d2b9dcb54987da6\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: Ia2E9U9DJoKBAQ7SEDzIETzFTa1hiEJD\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 65\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":65,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"currency\":\"CNY\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 3596\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4656,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f9fd8abb2ba0631d0c5eb4b8ddca4937","sha1":"e4676e34e36d51ae1edf76370d99d8657ce553f2","sha256":"1620e277baa58542e5290fd37120c0f855dcca15d02c79e497ab2be9252a5179","sha512":"f5ccc4d359da2009b8e1cc606584c40102b932e751e2ee3c2e6e782c1ad62f4642e184abf911aca042242de855d005d45b06096cdd76fdd033e01da984e8344c","ssdeep":"96:SNJpjxDBLYtyYlpNGwq52LYQ9j9aSeFucBKmP6O7YxZz8loxbg0mj0Y:SNTjxFLYty2pNi2sQ9JaRcBmP6qYD1uX","tlshash":"d0a17e29c7485a1e30e710549c6ef7187d075922695f59b1c51d0dc8927f9b18b0b820","first_seen":"2026-02-11T20:26:16.57415Z","last_seen":"2026-03-09T18:57:58.870458Z","times_seen":217,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_3.786a6ae2.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_3.786a6ae2.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf987-b63\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2915\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2915,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"d381d66ffd3ef8672dc2ff81dc6f241a","sha1":"fa2a8e334b6dd5540f488d5a9ab807716970fa11","sha256":"d3d69526c24f699aef9c1dac7ad186d510804886dae3ef0d9bc6520ca129ca2f","sha512":"c5d4a8786085b714e95d562f3a5a326f1a0a3f45e66569d5eba4d215f857a012667b18ff397ff3390cda0288e2645cfa4139fc201fb7639533656d61df8042da","ssdeep":"","tlshash":"86511b44b93c532b43cb671da15ba512d0587145c85afa08d7cf9f7baf385c024cd997","first_seen":"2025-12-29T13:32:32.23509Z","last_seen":"2026-04-04T10:02:38.869251Z","times_seen":5252,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/js/abc.js?t=1772437211685","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:26.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"GET /js/abc.js?t=1772437211685 HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:42:59 GMT\r\netag: W/\"69a640df-5aec\"\r\nlast-modified: Wed, 04 Mar 2026 02:42:59 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":23276,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (690)","md5":"36b4adfce841f9a9b381d0845df16141","sha1":"a2b55da08e0d61a1c5e04af54f0b2b88b8c3f2c2","sha256":"58255f4d0b9330088342ef7c3a324b129ea9ed3080a9533e9154d32e2b23c05b","sha512":"fdb4d7b9bc8d01094483fce090c5243f428842ae8bb67b586d7ac978e1e32990498cdcabeb305389f1d84a6f1288991de02c90e825172b5889a9dac3edb99cb8","ssdeep":"384:WRYeJEvdEyGcncMWw9mdhL3EfcuJ0ighG6d67blvJdh/uB:8YeEdEyG24w9IEfcuJ0LG6d67blvd/uB","tlshash":"aea220550e5660149b6317bf7a2fa4e4e7b209270d44aa4fb61c6100efce62fedb0638","first_seen":"2026-03-03T06:51:57.057582Z","last_seen":"2026-03-05T02:04:20.459763Z","times_seen":83,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/cdn_test.jpg?1772592386814","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:26.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/static/cdn_test.jpg?1772592386814 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 02:46:27 GMT\r\netag: \"699bf988-1b\"\r\nexpires: Thu, 04 Mar 2027 02:46:27 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:54:00 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: UPDATING\r\ncontent-length: 27\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27,"size_decoded":0,"mime_type":"image/jpeg","magic":"GIF image data, version 89a, 1 x 1","md5":"6a43099d5c8fe991a7aa7ebaca53069d","sha1":"5bce2f0d57305c58c7b05bfce29ebb39a18f5570","sha256":"3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1","sha512":"b82c6aa1ae927ade5fadbbab478cfaef26d21c1ac441f48e69cfc04cdb779b1e46d7668b4368b933213276068e52f9060228907720492a70fd9bc897191ee77c","ssdeep":"","tlshash":"e2800003c2a08000c380c0300808020023808820020a030aa08c00c8ac2aab00c00000","first_seen":"2023-04-05T15:47:46Z","last_seen":"2026-04-04T10:02:38.893689Z","times_seen":20399,"resource_available":true,"data":null}},"time_used":1135,"timings":{"blocked":460,"dns":1,"connect":211,"send":0,"wait":214,"receive":0,"ssl":237},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/websocket/v3/jp/pools","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:30.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/websocket/v3/jp/pools HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: af171bd194c1cf8599a55db3600f0835\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: k0eaDy26krd1reqhKtLDSSxdrpTsbSqK\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:31 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 2803\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3608,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4fe0e7ed941e6b4d645196dc9728202f","sha1":"78069e4624b79bb471ae7fae751a892eb06212fc","sha256":"74f3fdd6742a297d08bfe9800bf78c42235fc91970c187d8fdd0d27feea01490","sha512":"ab5bfa06c9ff1c8c9ab490214d8a0245b253dca21820c5473fccfcf44255f97f71f85cb50a286588aaa43db8d54f9679cdd0613507a5acb27d31ce41dabf38d7","ssdeep":"","tlshash":"44714ddd108efe6229f324e115fbcc9f3018c3665bc2ac9747dbdd5a8ae690015068ee","first_seen":"2026-03-04T02:47:00.315934Z","last_seen":"2026-03-04T02:47:00.315934Z","times_seen":1,"resource_available":false,"data":null}},"time_used":410,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":410,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/program/getSettingGroup","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/program/getSettingGroup HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 09a789ca0174646e37558ec86f2fdb73\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: JjEMuhGD77CVcJqEp5N3j5zEAbN0Rcvn\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 70\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":70,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"group\":\"REGIEST_SET\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:31 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 513\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b058014b745f13c143ba43271a03fcde","sha1":"a5bcf7717adbb0ec0bf721138caa7de39002a906","sha256":"050b67e7a86bd7ea98216b59ee9761c558aaab866ecc28f0a9dbd7e3f828e42c","sha512":"a8b6e165e091ebcd45936d6da1cda39057039f272566aaeb1c6995d625a9cb9193f182efff1d61f1fb8c577917518088d1c4694f4571896d769701c4d9fe08b6","ssdeep":"","tlshash":"fdf04103296ee2f0c68582f1cb17217527607fa9d0a41d1d93ade00712a9b00a384022","first_seen":"2026-01-16T12:06:16.074501Z","last_seen":"2026-04-01T23:22:00.094638Z","times_seen":12,"resource_available":false,"data":null}},"time_used":487,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":487,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_03.b865f42e.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_03.b865f42e.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf987-c75\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 3189\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3189,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"09b2b4cfdaedf8ec3a9816d2a49092e5","sha1":"adf8d0b385bc0d86ae664c97b61e57cde66e3bc3","sha256":"9ddb75d7cb7cd0309d419c2324a7b79807942b5e8f756ab790845a136be1d02a","sha512":"150cf1d65910c90694fa72817adaebb59d4fe113cfef95df2defc0fd5e4fbfe73544b4c9d5be35887af064ce4fd71207a9246b7590d7dce5694ed9aa6fa2a68a","ssdeep":"","tlshash":"e4614c983afe4ab106d2055d985cc0a93e4920adff72c6a80ac715b53b7b74909ec09a","first_seen":"2025-12-29T13:32:32.244392Z","last_seen":"2026-04-04T10:02:38.865936Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-78c8c59b.2e49555b.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-78c8c59b.2e49555b.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:39:19 GMT\r\netag: W/\"69a5549f-303e7\"\r\nexpires: Thu, 04 Mar 2027 02:39:19 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:19 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":197607,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"f6c50c53a4f74d48da334a96b4a587d4","sha1":"c8a290280523b4023aa7badef13271ea05ef5062","sha256":"921d3ac8156a587c5dbfb75562bca7d9d35e9691945a483f722fb6cce749e664","sha512":"3c23db9193ed16caa0a360590db3568f37b0b343354f8fe355730c98fd06ffd14d6682ceb1049da71f163b3a68840bbdbece9256ea63ed1e7989e97f93e1384d","ssdeep":"3072:kP1hv+SCZakxwVyLJrJMJAKFBWLoGfpWai6V5atjLUjdlbMHZK9hspq0yY:r6","tlshash":"8014b678f40a34a6b23b477d829474094d0af153da234f6879d2e199b6ceec217c7763","first_seen":"2026-01-05T23:00:09.201838Z","last_seen":"2026-03-05T14:33:04.699249Z","times_seen":4344,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/background.4c381bf6.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/background.4c381bf6.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:31 GMT\r\netag: \"699bf986-50f3\"\r\nexpires: Thu, 04 Mar 2027 02:46:31 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 20723\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20723,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"f476b99f031be6295e1817fa8be8c58f","sha1":"11c56e23b41380d97b2b2c85ae668e2219340aff","sha256":"0da6f8ea36c5a9b9f43d9b54fedd44aaf5503307f45fb744eead36774c5be881","sha512":"1cb8d51477b2bb4bf653852925240642cb11c2d5b3472aac1c6a2beba6c5be74b43d616a5ad1dafe3118e16eb2c5192b97efc7d893a4eedf63dbba28c9be5a25","ssdeep":"384:z0rCMxdTBXq4N1crnk3CZL0AGF2o4DPp8eLY4tKfqRnIhFu3I:zQdz1GnkpGP5LY4tKiRnYA4","tlshash":"8c92d03078cbefb445466e1d540aac9160d4910dd39fe06cfbe7428ca878f0a9da29df","first_seen":"2025-12-29T13:32:32.209906Z","last_seen":"2026-04-04T10:02:38.845205Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":817,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/logo-banner-pa.953ba5ab.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/logo-banner-pa.953ba5ab.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf987-41fc\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 16892\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":16892,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"bb6e87af558b28036a2ebe84a445b81c","sha1":"21d54e4ce814858b510818b899ee93fe63b4c2c1","sha256":"6a17d5b80cef86e2d6da845136fbc1235ce9a2dbaa39e8ff973aecac6018f2bf","sha512":"0a0bc839f916a1e1d05795790966db8d9ec414cbfa9e90aa8d29704a0203ffab5d089e86b00728324425fd4be8e534d97e7139f92c3a7cf7c9288e81355aaecf","ssdeep":"384:wG9ZKhNel5zlNK5MgujwfQazKph2cpbKSkJV61Pgw0zVz:wG9MhNel5pA5MgujoQaGph2cwhJV61lC","tlshash":"3572c02f604ff730b9961b7e97698bc654c23d0ee941d1680acc8f695dfc20a501a4af","first_seen":"2025-12-29T13:32:32.258309Z","last_seen":"2026-04-04T10:02:38.911882Z","times_seen":5251,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":378,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/icon-vip.57b3849a.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/icon-vip.57b3849a.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf986-4d5\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 1237\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1237,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"cc7698c072ef40aeca484d0d0a840493","sha1":"c474f56ad4282811cbc991b1803edbaa9886c48d","sha256":"aeb7101bc1943ee4f5caf9a82aa101f9d3f4506fcdd802f6ec5dc2fa72b76a3c","sha512":"fb9b31717dddae29730e14bfe5c5e3ae9d6e4870a38bc525c76912bf3e7d0e04edaa345caf13c506dcaed8e28ce21a4f66ec36c1aa314aa7bea30bacf0cdd75b","ssdeep":"","tlshash":"2421a75cd46ce60546ca014d290f6560a45822ddff75e24d7b0a48fb9f37c1860fc9ce","first_seen":"2025-12-29T13:32:32.241488Z","last_seen":"2026-04-04T10:02:38.826188Z","times_seen":5251,"resource_available":false,"data":null}},"time_used":3723,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3723,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-8FRE3KY7VN","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"GET /gtag/js?id=G-8FRE3KY7VN HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 04 Mar 2026 02:46:30 GMT\r\nexpires: Wed, 04 Mar 2026 02:46:30 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 150933\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":455739,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"b3a124aca9a33820bd7cd2c1747fb8fc","sha1":"c4625fcd4be297ccdaf5ba8f5758700bb178ec50","sha256":"a9f05ac54b62681e11fd4f660edee8e3875f55f1136f701818196f7af34e42e5","sha512":"469a833182e99d3eafea55ce8b916c73261c95c20045d8e9765a587322b2da4cbc38bf58ad5088c1a70ecef96bf7cad27e69d41d6729ac93dc3c64432fe10b2a","ssdeep":"6144:DPXRiRcWyFwFl5MGJEf4Sp8dYqEGiQybJbCebVLQsPRgApN3q:dmpyFwFld2p89ebaR","tlshash":"f2a419ce73c670225296f478503f018ba57b68a2b45ccc96f199cce42e74a9a4277f7c","first_seen":"2026-03-04T02:45:50.500581Z","last_seen":"2026-03-04T02:52:46.261978Z","times_seen":4,"resource_available":true,"data":null}},"time_used":435,"timings":{"blocked":191,"dns":0,"connect":10,"send":0,"wait":21,"receive":32,"ssl":178},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/webToken","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:30.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/webToken HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 99c4dd0ee79724bb2742bb7bb5104bb1\r\nneedEncrypt: 1\r\ndeviceId: undefined\r\nqid: ud6Spq4455H4lrCZyH0iCCo4x7uVa54P\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:30 GMT\r\nserver: openresty\r\nset-cookie: JSESSIONID=31B96D37D118C85E30D718DBC6E575B4; Path=/; HTTPOnly; Secure; HttpOnly\r\nvary: Accept-Encoding\r\ncontent-length: 401\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":432,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d759c287d7d215f8a8f3e4bcda379225","sha1":"a82226194552a59eee5d9ef678fa4a37b538287f","sha256":"b8efff2c5daef612d2578b84f3e16c29629b1bb034d2f4cddbbbebf69d26d1bb","sha512":"c9cac67961de48fd52a0943920232a9a25ec7e6789a422bb98beab0376484580fc2efc5cb02c3c7c0fe296387a90b582dddd32fd27608833ee5e89f88d6da55c","ssdeep":"","tlshash":"84e023885deccf029dc305d57522bb2ae8107c94956a0ce1050e297f40e872a65c56d1","first_seen":"2026-03-04T02:47:00.320876Z","last_seen":"2026-03-04T02:47:00.320876Z","times_seen":1,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/register","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:33.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"GET /register HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:33 GMT\r\netag: W/\"69a640df-9f2\"\r\nlast-modified: Tue, 03 Mar 2026 02:01:03 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-length: 1572\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2546,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1576), with no line terminators","md5":"1b456ce0e673ed61754bb4bb07c50b85","sha1":"e89a422e2f41312cea190eb2c1b6494426a614bd","sha256":"1d7090312e8514f7d764856915d0570ccd0adce126750d6230cc0fe336e485bd","sha512":"86abadc4e14e34ab53ca2a5178596943a1105503872749ef53ec8860ebd64cc8710a8afda87ce5511f49529017466684dd64cb5c33b4c2b454ae9ffa31e2a928","ssdeep":"","tlshash":"bc51d9b72270f49e6204c2f17b6d222c800a5f1e51715d71e7c509fd9ae0ba4896204b","first_seen":"2026-03-03T06:51:57.063295Z","last_seen":"2026-03-05T02:04:20.403463Z","times_seen":83,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-143a7152.0b1b0d14.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-143a7152.0b1b0d14.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:39:44 GMT\r\netag: W/\"69a554a3-4a42\"\r\nexpires: Thu, 04 Mar 2027 02:39:44 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:44 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19010,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (19002), with no line terminators","md5":"861d5e59d4e707f685d217adb405a291","sha1":"4f56b83bde4d00b1085043d393f98aa2f49e1c03","sha256":"44fef1002101067f099d7053f4bbae0300d209461bacea49828d32646eb6d5c0","sha512":"26b963a07489f8b358488f0c35efc27f8cd16452554d57fa38e0b92e263a07981e60ca02fa1728b9e7c3465e96c12ae8661c8340ce582e41d9dd33966c96be80","ssdeep":"192:hR7nlHVIdJsZHW42RvSjW6UlFvyk1X1ZIhMPHC+VqNQCQLfOJp3dMqDuwGyeUZ7k:hR7IdJSE0W6UWjhyHCt+yeU5o","tlshash":"d782d89db2c2f0b15aa370a5502f610bf3355d84704ad1c1d238d9e0edb89ae437bead","first_seen":"2025-11-20T02:21:21.426791Z","last_seen":"2026-03-05T02:04:20.439075Z","times_seen":9937,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/image-loading.f3d91b70.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/image-loading.f3d91b70.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:31 GMT\r\netag: \"699bf986-3053\"\r\nexpires: Thu, 04 Mar 2027 02:46:31 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 12371\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12371,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"2e22162dd4d9bde2039f08d73e614e3f","sha1":"b0cd6eb6b586dc24a7d18a9e191c7056b6403bb6","sha256":"117fca3f31476279cbf99e0a1bb488986242b3813c2d8d397f2468c60f800ef1","sha512":"23921b6f1769e2371f7fa95040f62355f4631b0990bc33fed2e6d6aa23aac9c2c9ef7d25d7bc78c929a209b97b617ff024a42a896c94c81a5e0566dd2ccec673","ssdeep":"192:TIvpcs5rRMO6cUAq++ozGMSIjWyD20JZBZ9O4O5xYyJdxb5hz+rVUy3+ogJEVSsO:ep/g5loywjdKoLTOrPxXmUtXE0","tlshash":"e242cfc8766cc4bbe32c105eb119b34e6f94b1b0d230ee9493297217f43e225a9e07b5","first_seen":"2025-12-29T13:32:32.22297Z","last_seen":"2026-04-04T10:02:38.864061Z","times_seen":5364,"resource_available":false,"data":null}},"time_used":816,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-24dd02d3.3e0142a2.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-24dd02d3.3e0142a2.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:40:07 GMT\r\netag: W/\"69a554a3-bf5\"\r\nexpires: Thu, 04 Mar 2027 02:40:07 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:40:07 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1080\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":3061,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3061), with no line terminators","md5":"8c5d4db2eb8bce648ef88c2d779142d8","sha1":"83d3c793ca0a7b4422ad14aa7c6ebebb6aef6263","sha256":"0a8d3ea31265201d3822648c6ef2d38287663a83ce22e9030d00a2c4918fba86","sha512":"78e58239c9b0b731eacc7cb1d28879bfe37cec97cd0770e0e63482ecde1c8641b1d1d0978712ecd07b193986356384c57cbe311a6371a82d1d499df7e8ed7cb5","ssdeep":"","tlshash":"8651a6ac35d3f6765776b67de0271249b3996d95240e5d12eb18f8c2b300c1ae2323d5","first_seen":"2025-10-03T04:20:57.632354Z","last_seen":"2026-03-05T02:04:20.441783Z","times_seen":16191,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0d0bab.cd2fc1a8.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d0d0bab.cd2fc1a8.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:42:13 GMT\r\netag: \"69a554a3-11e\"\r\nexpires: Thu, 04 Mar 2027 02:42:13 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:42:13 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 286\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":286,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"81888f1215e269075e2836e59416c641","sha1":"3dfe5514fab77fcc66863e0416350ddfe579ae56","sha256":"abfe652a8d79b5306640af6c84fcc499efffb37eb74f3338efe43daf80ded445","sha512":"1ca856180b5a2ae7de26efbd6ee13cb0480bd1c2836489d9c2fa553c04ace4950692ee58652008d3c8f7f70fcecbe48adb47ee37bbc0050ce4f6b9b8e6a6ac4b","ssdeep":"","tlshash":"44d0c29d7081f02808e7d9a5617fb3a77babbd842e07dc504d5490703a315ea5721acf","first_seen":"2025-04-27T22:25:38.233173Z","last_seen":"2026-04-04T10:02:38.868455Z","times_seen":18132,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/icon-du.807d209b.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/icon-du.807d209b.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf986-6cd\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 1741\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1741,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"3280d493a54ce9bba59c37a3e3686429","sha1":"4a7aacd3bdf6857e327c231d52d84f2f96a99b88","sha256":"a3455cca2a56b186cff00cc72787b425c5fa1730e001a232a986b6de568c86c3","sha512":"a040b9015d7196d99bf37a57fe6a8afd9fb1e75cd7e1ebd338f58b96e3728744a4aab8620cef55b86ecaaf2a4e37d076ffeb32297e412854ad6028f259e7b490","ssdeep":"","tlshash":"6d31f8c5e209d73c830b445dc808db5228886241fb89f2a07d7ecba9eb739028b4c2e4","first_seen":"2025-12-29T13:32:32.216165Z","last_seen":"2026-04-04T10:02:38.884509Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/app.08ecfdb1.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:27.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/app.08ecfdb1.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:17 GMT\r\netag: W/\"69a554a3-a2427\"\r\nexpires: Thu, 04 Mar 2027 02:46:17 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:46:17 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":664615,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65458), with no line terminators","md5":"b9faf2997e8182f4ea27a1f6445ea6ab","sha1":"6e7e53f4513ca6bac42d6e38594a66e3cac39ecf","sha256":"cf7e902209d57ea1a515cbfd17b61d1d6fda411d2004ba7a33f8dd084d6713bf","sha512":"4038daf17d8a8e479e553e0c05ee18fb72426f59f44709535ef160f345f5a51269b0ae39245f58ff77ebd7ab0513a5d375029d196b1e1537837e8e1094b26246","ssdeep":"6144:rioJSV95QaQY197ewgWFnDv02DHAXfrn1c0vxWCJ:wtt19bFj02DwFJ","tlshash":"b6e4e8ed75cbf199076335b2612fb642b1aa7c41742e8522f734dcc2f550988a333ea9","first_seen":"2026-03-03T06:51:57.076353Z","last_seen":"2026-03-05T02:04:20.404242Z","times_seen":82,"resource_available":true,"data":null}},"time_used":1729,"timings":{"blocked":468,"dns":0,"connect":229,"send":0,"wait":788,"receive":0,"ssl":240},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-74598ce2.53510329.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:30.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-74598ce2.53510329.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:37:56 GMT\r\netag: \"69a554a3-2e9\"\r\nexpires: Thu, 04 Mar 2027 02:37:56 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:37:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 745\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":745,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (745), with no line terminators","md5":"055d4d35afef91473e347b39bc038786","sha1":"091d82536c19bf49ee14c8171471e9a12cae5947","sha256":"310fd4fd18bef0f3f8d20ae1a56fa560b3e29692742106c7f92443f336a38443","sha512":"efe18abe9661e52b7692b949d102f254aaa76a0e3c2166063d611773e3441c365ab7f36904642f3685498ce7100d1d1590509a86867331f200d424fd6f630bb5","ssdeep":"","tlshash":"13016dad7281e0d04fd690a0c077a3aff6aea9a07d49d32089a1e0e137105eb6123a47","first_seen":"2024-12-14T05:41:20.950845Z","last_seen":"2026-04-04T10:02:38.885309Z","times_seen":18313,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/static/_wms/_l/_data/version/versionControl.json?1772592392295","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/static/_wms/_l/_data/version/versionControl.json?1772592392295 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: W/\"69a694da-66c\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Tue, 03 Mar 2026 07:59:22 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 1312\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1644,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (1644), with no line terminators","md5":"fcaf8ec325813de134845cc6da0242f6","sha1":"b720ff3bfe32dc34a258c06ef306097444b1bf80","sha256":"ef2accfa2ff26eaedd4c2fd124bab8861685ed4baa8636a608d5d73e491b94e3","sha512":"3295950caa7081644c5257992d3f8d64baa5232b8544954c494dd0cd149a3aa1cfc6530d6d4b2de9af7ae5875cdffac4a27d426a31c10cccf765a5f8123d87e9","ssdeep":"","tlshash":"a531eaa9049d8558918f5979bff0d72f9022432bf58ce5e00ecda2528ce9f35b549d09","first_seen":"2026-03-03T08:54:13.354395Z","last_seen":"2026-03-04T02:52:46.242021Z","times_seen":39,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-01ee470e.a3d50b05.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-01ee470e.a3d50b05.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:41:22 GMT\r\netag: W/\"69a554a3-24e88\"\r\nexpires: Thu, 04 Mar 2027 02:41:22 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:41:22 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":151176,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65372), with no line terminators","md5":"e5f1c43ece9ed339203056efacffcc57","sha1":"2589bb954da153b886f9b4cdad520f4fe528ae58","sha256":"60ee48c5c21171d648248e28a25012199ba7a99c93c5a3c4fe63b7f898668199","sha512":"22f524efd41dc39f7332dbfbe23a8a8f1dff74f42f755079c9e00d972863f9b54b3e3aa14b69159b03dba6af492766ef5d6794130ad14d4a2925860ced5b873c","ssdeep":"1536:Ix4PNjoBpSRXs472UzgYFLIENqFLWo1S/YUqDRmEyTOOwnCFypj67DaJuXvll2YQ:Ix4PNjoBk5SaNgFHviXv5dEHvWCntww","tlshash":"25e3098cb2c6f4b94ab371a1203f2506f3715ec4a419e544b638d9c1ef9486d536eb3e","first_seen":"2026-02-11T20:26:16.593965Z","last_seen":"2026-03-05T02:04:20.372017Z","times_seen":1400,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/favicon.ico","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:26.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-type: image/x-icon\r\ndate: Wed, 04 Mar 2026 02:46:26 GMT\r\netag: \"68a57ec6-47e\"\r\nlast-modified: Wed, 20 Aug 2025 07:52:38 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\ncontent-length: 1150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"09834f85a56009ec341b179ac2636b08","sha1":"2624dce467abea717c6a33cd3e9527470d87c78e","sha256":"a046d5883eba49158431b8277cd8c100411aae5535dae4411c55b878426fa5ac","sha512":"cab0518045f6f3449d268f142795b637c4aa6c34b7a1f1a17f3dd0b9568cbba28b1af465f65944545dd37167862edb35c3c4dd01d23b2fe0513a3471448e01b1","ssdeep":"","tlshash":"8f210082b200c82cc0a00330c802ebfa028c8c02c8b8220b00223c8bbc320a808aaba0","first_seen":"2023-05-22T08:12:19Z","last_seen":"2026-04-04T10:02:38.9147Z","times_seen":6751,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-96005406.0b538009.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-96005406.0b538009.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:38:57 GMT\r\netag: W/\"69a5549f-1596\"\r\nexpires: Thu, 04 Mar 2027 02:38:57 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:38:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1665\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5526,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5526), with no line terminators","md5":"eaf7578a7d79c404f76b87ebd601efee","sha1":"b71d5e775fb40ac97efff57e8799e83c8dd9b71c","sha256":"2ee774624611221fecafd6f4979a2dbbed92911d35337502088647fb790da769","sha512":"a765ee71861b2aca2d79dbf0b64cd8c01f92c4a7cfbd9bd59473c559c017a6dac67bb2c6418865d458f06bd97704af1285e486d825384362da5afc5b880fd14d","ssdeep":"96:DCowvhNSwYLjUfXNwfXh3U6KOsZsQfECBjnO6IfWEjxEElEEeajsvNdqyU1G1o:DCowvhNSw8jwNw/h3U6KOsZsQBT0WEjz","tlshash":"1fb17478e80a3ce3a26b03bdd190b8154d0ab557d6135f1079e2e19d76cde8217cbb27","first_seen":"2025-12-12T04:38:56.90888Z","last_seen":"2026-03-05T14:33:04.666859Z","times_seen":5474,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_0.75e7f341.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_0.75e7f341.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-81f\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2079\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2079,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"1a63f9db273f7292badaa1d4d0717bd1","sha1":"f28deaf7403602a2043c23c2a47e445175c1b5b0","sha256":"26f68939c997ad06f193dadf7a71b70185a3190f477528d2c815a9348f1160c8","sha512":"eecfa8273ece1e090386dcf3259f9a3c2ebea336b1b3f1e5a478a8c2ebb69dd3b6bece9d655f7887669bb78d4b2c840e1d7d1205fee8880fcc852e0f25369390","ssdeep":"","tlshash":"1041ec913450e329036e51ec0c899db0450a1685edc5e7ad674e15e2ae365c9c0f47d0","first_seen":"2025-12-29T13:32:32.249084Z","last_seen":"2026-04-04T10:02:38.86017Z","times_seen":5251,"resource_available":false,"data":null}},"time_used":4182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/liveChatAddressOCSS","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/liveChatAddressOCSS HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: da68abb7d91149901345b23e6f2bc0f4\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: ZWoCmzKDccGncLcnQ9zLoHKCR6xg40r8\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 61\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":61,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"fetchUrl\":0}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 205\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":195,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"e77565e8a6ba17012321ecc458da4204","sha1":"812aa2e29b3c66878335997b86c0f3c57828a448","sha256":"6f70887396e35257afd153b2620ee65d993557661d70ce2c266ba47ae1c66fb9","sha512":"daba6e6aa1b434a0eac809a2f49ba94364fce89b8813bfdd5de398e54aebe69461443182c405a5cc03972832cee576becba7580d77aa27313935cc89c8894235","ssdeep":"","tlshash":"d4d0c01a6ce88603bdd390f49a0fb2136130b4f27f70fc040427603d89f8118100270c","first_seen":"2025-11-10T22:29:35.750969Z","last_seen":"2026-04-01T15:17:32.400842Z","times_seen":93,"resource_available":false,"data":null}},"time_used":410,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":410,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_06.1f0f51f2.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_06.1f0f51f2.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-af5\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2805\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2805,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"48b54fee67d19ab7b6f07629ff985f33","sha1":"c826070ba9352cf08ba3c321368a143dfb2867d6","sha256":"f711a698ae1c651ee93b70f05132cb33e6e94205c2cdef754eaecbc453bb9755","sha512":"0031eb73467e04ea4902539d42cd26dea6ca268506c41309646e4cf6903e5457864c89d07209abdde71a870974bd34ac27f33f750b4dc9e89ae9e60676f3bdfe","ssdeep":"","tlshash":"20512bf8e64e9640921ca44c4e5c1ff83932f1d2e656d4112b0bff2bbe3213240a02ea","first_seen":"2025-12-29T13:32:32.256012Z","last_seen":"2026-04-04T10:02:38.8712Z","times_seen":5251,"resource_available":false,"data":null}},"time_used":4150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/icon-promo-center.f50a467c.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/icon-promo-center.f50a467c.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf986-48d\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 1165\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1165,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"adb08ee6ece8f7c4a22863808c8b7494","sha1":"bc66fdc333573ceea36a1b37ebf8d71238b86824","sha256":"095151612f20eafd03055a8bbe254677980c80054a102ddd8fbbf7f3a58bced5","sha512":"9895a819f1d1ee860115f132537d666bb321abc1cfd8f610cfbecc31c722ef40dbf249caf2a09aed408a2dd69308b87ac529cebc8fb5208f51b36b5d1b3ea09c","ssdeep":"","tlshash":"4421b69ced2ed3a5033a224d5d8c722250885b96d3f6db4c1e9b487acd3161608ecac4","first_seen":"2025-12-29T13:32:32.23051Z","last_seen":"2026-04-04T10:02:38.912965Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/newyar2026.0965e29a.jpg_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/newyar2026.0965e29a.jpg_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf987-6c75\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 27765\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27765,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"c123c89113c452ef0736d2c137227c9c","sha1":"9ad63afdc317e138c12d7cf0f5d30351313454ba","sha256":"c772456f98209a2787957d998f307494a2bc96badaf05411f4a8b40106913e10","sha512":"3fddefd06e3bcc18d360f78365c02df139fb2d6e176dda9476837295deefe206d491ea33f8291c454f1bcb719a7a35850ab44cf9892e99edf8102d136515f66b","ssdeep":"768:YCEm++qBYnCXLRV2a9Yb8GY8XNuauzMEWwZru8GzQuugXXi1xIKS1M8:mCnCXLaoYbR0ME3Z3xgXS1xIT1M8","tlshash":"7fc2e14bd1518db72d72d82c80e8f48534bd49eddebbc21e64659ca48dfd30440cac3a","first_seen":"2026-01-30T09:26:23.741229Z","last_seen":"2026-04-04T10:02:38.831408Z","times_seen":3278,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-78c8c59b.5d16164a.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-78c8c59b.5d16164a.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:39:33 GMT\r\netag: W/\"69a554a3-23d50\"\r\nexpires: Thu, 04 Mar 2027 02:39:33 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:33 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146768,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65337), with no line terminators","md5":"58432c13596178ce8132f34ba9ab41e8","sha1":"633a66579f9f63cb5a5a0da66420cc5d18a4ffd7","sha256":"dba26d1bee82335ba89ea54bd55e746316919c6d1264d6452041e54e065a90cf","sha512":"c588b43351fc74373e9396e57d387997336fe4ab48ff89092863a314b262d895d1383b9a9d184e2d72c9b40c530db21ec43579962816d2a26965914b88882c75","ssdeep":"3072:Iz98tbsQZQUNJ3ak9uPRj+n55b7cQ0fG9l/lARKJ4P43HdIXRb2CqFF+sPXIt3mF:ltb1l/l9Hy4iK","tlshash":"12e3e849b5d7f4b90af76162103f3606f03b1e80a419e099fb38ddc19aa491e527af3d","first_seen":"2026-03-03T06:51:57.079486Z","last_seen":"2026-03-05T02:04:20.429013Z","times_seen":82,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-f2895cd8.231b68ee.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-f2895cd8.231b68ee.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:39:44 GMT\r\netag: W/\"69a554a3-2d153\"\r\nexpires: Thu, 04 Mar 2027 02:39:44 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:44 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":184659,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65498), with no line terminators","md5":"59bbde6ff8030fd5793e4c55aa1f421a","sha1":"e886e7989289635d69dac2048e8a5b0d7a1c2f8f","sha256":"acdfacb39db5a8dba2901273cf10fb5cdece229aceb541e684091ae5923ad119","sha512":"815ac127968e285be86b574a2e460eeadb385f77768289f564573231660075f53efa2e31d13411ac08e0b5fad4f6407c469f38a4f43dd0e3ccdc58b2a41b7b97","ssdeep":"3072:OOofIp+cF2PpQw0wPVgSv+yj4yBtblt1Nq7jRa1Qst8VPfOooWC:Ou+0itbla1c","tlshash":"2304f889b6d2f4b50aa7a0e5002f1106f23a5e49b81ad099f774d8d1edb4c4e533bf78","first_seen":"2026-02-25T11:07:02.370406Z","last_seen":"2026-03-05T02:04:20.42487Z","times_seen":232,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/program/getCustomSetting","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/program/getCustomSetting HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 297bd2fb8ddca92f435b93087b545c7c\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: 4I49ccUdjv4cwU9Dw5ZnrO2fHnVIQMrZ\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 58\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":58,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"flage\":1}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:31 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 188\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":176,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4c9db78266844857d56d8f609470693b","sha1":"294c21efd907abe755d5b3a138bed7a88fc16613","sha256":"5cbc7838c364781301380cc08ae5bcd3b467092a4dd87e167cf04891cd321f17","sha512":"ec0e4ca3706964051dec119496439b751302225694ff836d22a1b25cceaf200f37024888b6bd5374e843667f9b897f689907192204ff38afdd5ecfa9da754993","ssdeep":"","tlshash":"27c080d61c6fc6415cd741f44691324310f4be551764984cc12bf03981f812d11449a5","first_seen":"2025-10-14T22:44:38.922236Z","last_seen":"2026-04-04T06:27:37.005914Z","times_seen":825,"resource_available":false,"data":null}},"time_used":410,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":410,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_5.cd478a0f.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_5.cd478a0f.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-ae4\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2788\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2788,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"af65e62f36f11ca80e32a89a18f4f8b4","sha1":"da531427bcd56db6d10a9761c625e13e395c7dae","sha256":"4a606d28853c62e42f8d901208425af87f6956a2c7407a6ad584aaa42cf524b3","sha512":"57a261c0ffaf6296c319aa7bf4595624f64899f5e4f9acf5b8faae13bfd11479067298912e0f2049854937f25b1460b760603fd40022e90e983b41094f695466","ssdeep":"","tlshash":"76510aa412dc2622dbb44ead051fad549e4f1e4afed9f91cc513cd86ae3cc46985c8c4","first_seen":"2025-12-29T13:32:32.246799Z","last_seen":"2026-04-04T10:02:38.921545Z","times_seen":5251,"resource_available":false,"data":null}},"time_used":4169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/image-loading.f3d91b70.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/image-loading.f3d91b70.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:29 GMT\r\netag: \"699bf986-3053\"\r\nexpires: Thu, 04 Mar 2027 02:46:29 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 12371\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12371,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"2e22162dd4d9bde2039f08d73e614e3f","sha1":"b0cd6eb6b586dc24a7d18a9e191c7056b6403bb6","sha256":"117fca3f31476279cbf99e0a1bb488986242b3813c2d8d397f2468c60f800ef1","sha512":"23921b6f1769e2371f7fa95040f62355f4631b0990bc33fed2e6d6aa23aac9c2c9ef7d25d7bc78c929a209b97b617ff024a42a896c94c81a5e0566dd2ccec673","ssdeep":"192:TIvpcs5rRMO6cUAq++ozGMSIjWyD20JZBZ9O4O5xYyJdxb5hz+rVUy3+ogJEVSsO:ep/g5loywjdKoLTOrPxXmUtXE0","tlshash":"e242cfc8766cc4bbe32c105eb119b34e6f94b1b0d230ee9493297217f43e225a9e07b5","first_seen":"2025-12-29T13:32:32.22297Z","last_seen":"2026-04-04T10:02:38.864061Z","times_seen":5364,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_4.b3978b35.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_4.b3978b35.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-c67\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 3175\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3175,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"9d3f03597ced6ebb5f532215512bf8cd","sha1":"ddab5fb8c5fc7fab060ed44bb9d93d9e941ba313","sha256":"da6fa144f139e9f260d5d2beda2461541964178da632449ec7a9fd87d67415de","sha512":"840e517e63a4c27d468985d84d80b118935106b3daa4c88268b6cb95668c35dac11f4bfb252058a6be89ab745fff4ee295cc2350f9ff7c2c6b452487e35f9da3","ssdeep":"","tlshash":"87615bc138578364e2dd5bfd5d1aac64484c49a8d20ae2389bcf40b8d737a0b08bfcc1","first_seen":"2025-12-29T13:32:32.232962Z","last_seen":"2026-04-04T10:02:38.919839Z","times_seen":5248,"resource_available":false,"data":null}},"time_used":3957,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3957,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-a9c7c5c2.2af8ad46.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-a9c7c5c2.2af8ad46.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:39:15 GMT\r\netag: W/\"69a554a3-5bf1\"\r\nexpires: Thu, 04 Mar 2027 02:39:15 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:15 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2848\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":23537,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (23537), with no line terminators","md5":"0a0d44ea6813fdcf8ee4b10fbf3fde6f","sha1":"77204d4bf26422eb2110b8e01af03ed05a228959","sha256":"779d5223e468931b8be31a285acdbb8fc9fe0dbe789caef2e64fe7fc02b6e752","sha512":"d23cff9f56bfbc209824aecb275236fd8a9a4c7c8b0fd1c6cd920061b03dcf0bd99f9d207525680052ba2c2a2d67a7e18591efcb9a543c7a49128b79a3d2bb60","ssdeep":"384:PPSxj2Mh3U6K5ZsA0WEtEYExqn8CGPSxj2Mh3U6K5ZsA0WEtEYExQjc2iPfPSxjf:nSAMh3U6KJFSAMh3U6KYjFifSAMh3U6j","tlshash":"88b2977de5092872a22f4b7e86d47c080d0ef657da134f94b6c2e0d975cae9217c7a23","first_seen":"2025-11-20T02:21:21.464926Z","last_seen":"2026-03-05T14:33:04.680095Z","times_seen":10016,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0f0692.0504ba0d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d0f0692.0504ba0d.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:38:59 GMT\r\netag: W/\"69a554a3-107a\"\r\nexpires: Thu, 04 Mar 2027 02:38:59 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:38:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1011\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4218,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4218), with no line terminators","md5":"bdd0c7a665400d7d85f52220b49e2158","sha1":"181c07b03ec182a9ca7be4c7c1ce4aa340eccf24","sha256":"9a0bfde4cdac09bbd966cdf2f175686e833952339cc1117ea61aa7a0bd5d52e4","sha512":"73f146cf75df0c4553c35ccfba04f1faf010befb92a482d13e9c150610174693e63b9b9bae6c764874cc3e0b849ca1e1f122dc01857dd87af02d0c8cb364cf89","ssdeep":"48:lD/rF5jQ9VcKRlWdV1HwiTGWiC3DQVUbBubKDeAOnRenMERUuTFHMllxbXxK/ebM:Ro9VcCa5FYKJatULxkfNmb","tlshash":"d991e88db1c2f6940737a1b4c0bf219be77e2ce1784a96508e91b0e17e24165b773a1b","first_seen":"2025-02-20T10:16:23.066778Z","last_seen":"2026-04-04T10:02:38.923222Z","times_seen":18349,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/message/notice","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/message/notice HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 53c95476aa8910885f64497c84b5ecf0\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: PlHIv0sZ0jedblzHbY32FHTEDLT8dZWH\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 57\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":57,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"flag\":1}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 706\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":836,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"452cc0bc943a97056519ec3ef0f07d93","sha1":"419fac90fb603aa787876445c6e04e2cc874690a","sha256":"8788fac800e429ff6eefb3056d9df70122108a977c28e966f85d4890e4ce251e","sha512":"b4746c49443e1d8d2788137d8e48d40df0de79a63b6418903f3513eed4ce3876605a1bd845f773487f1f955328634ce3f29589a804488c3a7abf8a648c7507c9","ssdeep":"","tlshash":"430186d6314d5dc2d4ca00a570e0eea119537ad723d0e28cdd481a89a36d21e40edb56","first_seen":"2026-03-03T21:45:36.884053Z","last_seen":"2026-03-04T02:47:00.33545Z","times_seen":2,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":416,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_live/public/live/room/getRoomList","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_live/public/live/room/getRoomList HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 519615067e20e07d5da01fa69c36a8bf\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\nproductId: PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\r\nqid: tmspIfkWIkPBesELfNviVPzmYu2IS8xx\r\ntime: 1772592392298\r\nX-WEBSITE-CODE: pc\r\nContent-Length: 59\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":59,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"isLive\":1}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: https://www.yjedsgnx.com, *\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\nexpires: 0\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\npragma: no-cache\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncontent-length: 106\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"03e2677c275e98fb5f0491ba2be8ab48","sha1":"04fb5368254891d5d6e6d0409f8a9ffbf73e6a98","sha256":"d456491edf69114347f7e49602c2d7ab3e9c33b7a548adf768d177a72c713370","sha512":"8d203d96b75957b9b2c676aaa12784509c54bb7390e81b9c9c8708e0f1ce1aa0696f7de4e2e53dd5278ea9825339e12a0f1b717447ab85007080229eda17d152","ssdeep":"","tlshash":"02b012122c2805d2fb42f4577507031727e931821e001314c6dcd32cc70d21c1a01810","first_seen":"2025-05-16T16:21:26.752396Z","last_seen":"2026-04-04T10:02:38.849694Z","times_seen":17011,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":412,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/app.f4836001.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:27.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/app.f4836001.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:39:13 GMT\r\netag: W/\"69a5549f-19538\"\r\nexpires: Thu, 04 Mar 2027 02:39:13 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:13 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103736,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d1d04344d6c59108f8b91918523c702a","sha1":"efa4b98616b924dfde00afdfce9f318d2088f8ba","sha256":"0416d0acf01a3585f0fa832e6120f8d728e5ff3908e2bb6b052b358b5135c614","sha512":"9d3305232c761b402cbcd0e2a01300a59cded8739753b82fc5ce7542937bf132f37413805d34a790e0ea88f78312796b8a530d5f4ebec170c9ba6ab4dd5f7038","ssdeep":"1536:p6h3U6Kh6h3U6Kre6h3U6KzvmksJ/jLXOn2O:pRbejBsJ3XOnN","tlshash":"aea352b7f081258c9317ca1993c07bbd496fe062d6624eeab447773987c6ac207e251f","first_seen":"2026-02-06T02:02:05.84621Z","last_seen":"2026-03-05T14:33:04.659934Z","times_seen":1996,"resource_available":false,"data":null}},"time_used":1274,"timings":{"blocked":429,"dns":1,"connect":210,"send":0,"wait":412,"receive":0,"ssl":219},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/zl-mail-reg-ad.c50ecccf.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/zl-mail-reg-ad.c50ecccf.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf988-1b3f\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:54:00 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 6975\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6975,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"fb0607e874bc3eba46999acf15428b6b","sha1":"df2c44b99b7d7ceac8b0311805e76e6bb636c5d6","sha256":"432d128bbcd02e865e05d58dadec89ed1dd79cc5b547795783a2afe0399611f7","sha512":"4c3a2f311e580f10f4f8a03c4df18b66ad358ff57066e951874cef40a6b7d3941f5c2d048448dd0fc020861012670dbce95be37d8282d42b6accf436c9fce711","ssdeep":"192:xPL1LVQ7xfJYhRWoCdAujdjv5hW+AcI0UUXHX/60:J1LV4gRWozujI3cIKXHX/60","tlshash":"f4e19e58a03f13234bfb953ca74da4d612f83a7cc269d33812995d3ac136c60046c7aa","first_seen":"2025-12-29T13:32:32.226092Z","last_seen":"2026-04-04T10:02:38.876988Z","times_seen":5280,"resource_available":false,"data":null}},"time_used":4631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4631,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/2024-logo-banner-2.b87e4505.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/2024-logo-banner-2.b87e4505.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf985-a1c8\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 41416\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41416,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"3720b72c144df9109e00f564e36a7b32","sha1":"021f7a072cd83f5c0af8f22207cec530755ad55b","sha256":"fef20f20e0b90ef1d0303f1f6aeb39aef7187ffcfa5f3fffcfa0f77013c018cb","sha512":"18c744df58abe9cc3b7c1e4cf57141e7848d4064b41a445d80672b272ac3ff862efff82e3249b9d48b5321ceb1cdbe7d8533efb9f0947c5ba36803f8350dfdfc","ssdeep":"768:dfArnISClCafuJjRbZ+MGkhLDQnefJm0tz4OwhWo1HHEKNfg:RAbI1CaWxNnbnfhz71WkKq","tlshash":"e703f10c9c9f2a157494939dea0e3c97accc7e26faf2c9645055ae568770abc1c2c3f4","first_seen":"2025-12-29T13:32:32.223825Z","last_seen":"2026-04-04T10:02:38.886169Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":376,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_6.31b84993.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_6.31b84993.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-a1d\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2589\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2589,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"57347d6041714add661304e883a3a1f1","sha1":"c662a9c4dca02542887b9e2778b15261b616d188","sha256":"9eb8891e3ba68a45a878ea191759a6a7dead6560db1cb27f7364cbd73c24f26a","sha512":"5441f9eca6245241e92231bb7cbd0a06030afc6b53058115b6ce32564348ec8ced1588e633bfaee03ef4f58cfc22cd98d326d6ab4039e630b35f5c2470ddab96","ssdeep":"","tlshash":"0d511aa1ce4da27060ce718c50844de5e3147309fe9acd26bc17f255d67291aa4978ce","first_seen":"2025-12-29T13:32:32.247713Z","last_seen":"2026-04-04T10:02:38.90618Z","times_seen":5250,"resource_available":false,"data":null}},"time_used":3951,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3951,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_05.f3153096.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_05.f3153096.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-c1e\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 3102\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"4371c003340b9dd9acf8a3bcdff6524e","sha1":"2b5a08b6f292871b3fa485b1305a020fca3d212c","sha256":"6fba52b329dc24c2be00c0433448cf66a932016cc4c33530fcfbcb5300f41763","sha512":"55df9556064d59ade1ece93d7ca3019c3fab5166b9c15228781f83b209ff5f15667f0be3aa8925ab038fe37d4d6f6c79333d54578d85fd883dc3079cf248c10f","ssdeep":"","tlshash":"e8514c78a15dd2011326316dcc6db0a0dd4e129aea8affb549580433ed7b155aef8494","first_seen":"2025-12-29T13:32:32.250719Z","last_seen":"2026-04-04T10:02:38.917201Z","times_seen":5252,"resource_available":false,"data":null}},"time_used":3938,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3938,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/loading-icon.a3ecf8da.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/loading-icon.a3ecf8da.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:29 GMT\r\netag: \"699bf987-27c5\"\r\nexpires: Thu, 04 Mar 2027 02:46:29 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 10181\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10181,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"9cdde9661bff6db8b38c53e2ac49368b","sha1":"75d032f431143a3e54d7340ab099b5aea3e63e1a","sha256":"bfa7ae8086ab2547ae975cca906067cb94d244c309e093fd34aa0f85e1dae1f3","sha512":"05ef2f443eaf4faa7d76304524ee9843b48422b050e2a31aac22036f4c7e2b62fb1c3f1b847b18542586ce0c9ad6a749b490e415037dde4262cf1e58fb08d85d","ssdeep":"192:4Qv0fU93DwKZD4Yyll/d93daclWlPVJ63lteKRJzQWJKX:TvwiwKedd3aPb07PRZ8X","tlshash":"e322bfcd381143302b6271accd0991a7b1137665c68ec62955d3ddb6f2b315ccaa8cf7","first_seen":"2025-12-29T13:32:32.25262Z","last_seen":"2026-04-04T10:02:38.900151Z","times_seen":5365,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":428,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/static/_wms/_l/_data/form/wms-form-headerSlot.json?e5a5459fb958ee53a681d2826449e88c","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/static/_wms/_l/_data/form/wms-form-headerSlot.json?e5a5459fb958ee53a681d2826449e88c HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: W/\"68ff0d73-998\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 27 Oct 2025 06:13:07 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 1924\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2456,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (2456), with no line terminators","md5":"c51985f533bcbdd37cd164d6f43f65ab","sha1":"06d75b77def4ea70223d416b76c7af9aa9d031d1","sha256":"fa3aac1354ad8920480c9b4e678b7afebc40f9a08b2e04108f65e457bd923d37","sha512":"e50478c2f3cee9030fc7c1f5dfb0ccb669d870b513277049c571cd3b2894f967d8d94534e3b7dafe1323baa2fe6a93ba183223aa4125707f765b8e4b84758445","ssdeep":"","tlshash":"41513de51aeb70d3304704fa2e480651de6c10cae8024917637d38c93709da568961f2","first_seen":"2025-10-27T07:31:23.486779Z","last_seen":"2026-03-16T05:25:20.700044Z","times_seen":12760,"resource_available":false,"data":null}},"time_used":3565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3s.hqvai.com/api/v1/stats/collect","fqdn":"3s.hqvai.com","domain":"hqvai.com","tld":"com"},"ip":{"addr":"38.150.72.238","port":443,"asn":142267,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:37.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.hqvai.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 24 Sep 2025 00:00:00 GMT","end":"Thu, 24 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:1E:74:31:EC:AC:CD:B1:2E:D8:AD:43:C6:EC:9C:C7:F3:AF:C8:FB","sha256":"D8:13:B1:71:B8:7C:BE:95:8D:73:43:F3:CC:AF:7C:31:F3:AA:B9:C6:3B:08:81:A1:3D:B6:A1:A3:45:B3:3A:37"}}},"request":{"raw":"OPTIONS /api/v1/stats/collect HTTP/1.1\r\nHost: 3s.hqvai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: x-requested-with\r\nReferer: https://www.yjedsgnx.com/\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: x-requested-with\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-type: application/octet-stream\r\ndate: Wed, 04 Mar 2026 02:46:37 GMT\r\nserver: FastServer\r\ncontent-length: 34\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e19fb88180d8d4d3d0e4e9996c358875","sha1":"47671f435eeea682b4f68c8432efff5dc3051ce3","sha256":"56b0161eedf5558313aba167032a3a1bf0532985565b83f1f3db5bfcdd326d9c","sha512":"9b470d1671f9a9cb73b0f7b7c3997e8a23b42836e36ba66654aee0bd0fc45637328ff8f971b3a64f13e03415b3cd75d68ebe7a8b3e22223d706fe958d33d138d","ssdeep":"","tlshash":"7e800080822a2aba3ac3288233323a202fa02a80000a208e030c8c280380cc3800a308","first_seen":"2023-04-19T19:35:48Z","last_seen":"2026-04-04T10:02:38.83232Z","times_seen":13776,"resource_available":false,"data":null}},"time_used":1221,"timings":{"blocked":482,"dns":44,"connect":208,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"3s.hqvai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"zaixksi.jingyi-edu.com/?3504923.html?gaomingezodkcl812718","fqdn":"zaixksi.jingyi-edu.com","domain":"jingyi-edu.com","tld":"com"},"ip":{"addr":"198.2.207.81","port":80,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T02:46:24.613Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?3504923.html?gaomingezodkcl812718 HTTP/1.1\r\nHost: zaixksi.jingyi-edu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 02:46:24 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nETag: W/\"6f4d-npqyqRFgQEMvI5aiVDvhOUifOoY\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":28493,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16409)","md5":"5c145b374dacfd1bf191d0c20af0553c","sha1":"2c33942b684d1e666d18a3127bf84b0fde691c79","sha256":"06107fb2f828c614a2a8d7738dd7c2983c2c39ed4398ac0a9ed17888e483f869","sha512":"89e49191c2190811db37dbe9c55fc02951220a017a44370cb9a56eea0040ce0ffac35bd396c0966c68e1aa889ce516e16305a1676f7a3e718e728d3a3d969f73","ssdeep":"768:W+0kH/PsSvDrFkMOIoyArI3JKxot2vWHi:WY/PsS6LIUrzot0WC","tlshash":"37d2c8338b84552b122f88e6e8b49f6de05353accb25ee83b9f44c710755f63a41729e","first_seen":"2026-03-04T02:47:00.340785Z","last_seen":"2026-03-04T02:47:00.340785Z","times_seen":1,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":167,"dns":1,"connect":170,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"zaixksi.jingyi-edu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-57cda438.f512d899.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-57cda438.f512d899.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:39:44 GMT\r\netag: W/\"699bf988-5395\"\r\nexpires: Thu, 04 Mar 2027 02:39:44 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:44 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":21397,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (21397), with no line terminators","md5":"a8e0606efa56e48572d5dd7473c6043e","sha1":"ee928da7cea532f572842690068148748807df6c","sha256":"2c4e2e06df2c7d7e395bb7f7ae9d1fdfc96f6938225c68d02e948baaeab55133","sha512":"03beb204e4611ca4ae8e162daaa88ca09c0628720d3a1b7e3b3c68b734cbce97373955fed066ecfe628f310e8e521bb325ff97d13f55add216439bac5604f6b4","ssdeep":"192:bnE2JstMcPkbFp+O+lWYv+/hWFwEaOGAtkXfAnAqgQ7JehJ/M23nAzuQRRd:bnNJs+cCFp+OWT+ZWFwEaOrCEe5yuQzd","tlshash":"e7a2d1d936c0b066a3632a78413f391f70e29b51e94fce50be6bd2c0b96a0fd1257d49","first_seen":"2026-01-30T09:26:23.715514Z","last_seen":"2026-04-04T10:02:38.867647Z","times_seen":3379,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/img/_wms/_l/folder/main_banner/PCH5rsgs0520-750x252.jpg_.avif?v=1772592392229","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/img/_wms/_l/folder/main_banner/PCH5rsgs0520-750x252.jpg_.avif?v=1772592392229 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"68df5b03-8e09\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Fri, 03 Oct 2025 05:11:31 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 36361\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36361,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"95efa9aec08a8a421e09c99fa3b138ae","sha1":"7127fdaffc935740ae9122c0a0952df306216f24","sha256":"ca1069e214b373818beefdfcc805381305501348bb2436c0c1f8778c644c774b","sha512":"42d1b7b236cd9e90d267cef3f3deebf08d473bcce0d3b94fd07c6f9f0d2a6e44bd31189d26b5006871aeaaa2b3bf5496c9c4dbc5c1cb477ed398166e28771e56","ssdeep":"768:4cf/BTb/S4i9rsN9cNKxZYG2IHEiYqDi5yNERfU0+536GYXoz:4cf/BkrsNCYxZtYsisafU0+536GYYz","tlshash":"75f2e137c946b6e88e46a26d6b5100015ca64ef2fc42ce405162777d467a7fe713e3f2","first_seen":"2026-03-04T02:37:02.671197Z","last_seen":"2026-04-04T10:02:38.900854Z","times_seen":927,"resource_available":false,"data":null}},"time_used":4040,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3618,"receive":422,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-218c9962.5d3f989b.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-218c9962.5d3f989b.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:36:59 GMT\r\netag: W/\"69a554a3-2149f\"\r\nexpires: Thu, 04 Mar 2027 02:36:59 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:36:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136351,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bc1de173df03e26bfc6bd8fd052ed56f","sha1":"9745b1461cdc35b85abfeac7cb103707409e61db","sha256":"95ba2598a70e9252ec1aaaf789ab379b909562e1d6de3f015d7bc12492a9a48c","sha512":"4735b3b548a003d5d67c5c6399349a26ac815c61ecaf322ab469c0a512e83a800bf87a4263552f08a09821f1cf4f86b3d9291237c442799bdc09627f417099a9","ssdeep":"3072:pXVNfYSq8kyb46d9G4qQ/WmfH76LZL+kkIZJSB:pnfxkybDG4qQ/WmfH76LZL+kkI7SB","tlshash":"68d30889b31071a591e72256539e810263b35855b90ad0e431b6c8dbacbdd9c03ffffa","first_seen":"2023-03-07T12:21:20Z","last_seen":"2026-04-04T10:02:38.93107Z","times_seen":18483,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/sysdate","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:30.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/sysdate HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 4de028d78401e8e0002847fa28bdc714\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: WxLVruvrLXJJOfH3pPhsO36e5893e7gv\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:31 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 263\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":259,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"cfe1ebdd36877ecd8e2100dbdfc0afcb","sha1":"437a5fe6caba765873485e16ed9f2345b12f23cf","sha256":"5250d045457b4c728d2ebcb050540dfaafa2611d80541d8cef5331b970675c22","sha512":"f7eccc171f9fdf101818e0c0baaa177f85d552e4b8a844246710d575cb09171abaace03148bbbfc5f40a827d45d742df73e1d44c819d11e4b91924ffc1fd74d0","ssdeep":"","tlshash":"3fd095c93f9f85a05ff040d4555a37d40570f3754c7c5548020d751d51d043e1044851","first_seen":"2026-03-04T02:47:00.343206Z","last_seen":"2026-03-04T02:47:00.343206Z","times_seen":1,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":406,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/img/_wms/_l/folder/brand/PC-JPsecond-reg-750x250.jpg_.avif?v=1772592392229","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/img/_wms/_l/folder/brand/PC-JPsecond-reg-750x250.jpg_.avif?v=1772592392229 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"697adaa8-131f0\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Thu, 29 Jan 2026 03:57:28 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 78320\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78320,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"c64e60dfe15781cd2f417c5c9737c3f4","sha1":"7c5b1c3b55be4ca501cea076f9a337d4b3973cc0","sha256":"6c3500ce19940cce70f339b12e60fd9036f723a421dd5878809ce2cd241c36df","sha512":"6616b0f668f2d8b76d4b193d166fdf175f87c93f90075b0ed8512dded851eac0cd806903057ee61d78659c2711133bc7dedcfeea60d8349831c756037d3fe28e","ssdeep":"1536:DXUoI1f7gLrkO2gQWxn4zvOKpJP2XNkyFsDnWzq62thXyqV0A3wpw1:YoA0PHZezvOAS8nWm66hXyC5","tlshash":"307302b38c71b85871ad28df259a46105baf1c8cd056d011336ea873a47eb9f39fde42","first_seen":"2026-01-29T13:25:43.827474Z","last_seen":"2026-03-11T03:04:25.87205Z","times_seen":2600,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":444,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/game/queryGames","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:33.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/game/queryGames HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 6afc7d0fea747557a6afdd52a2079f5c\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: FI8sJSIQW1prQRpLeoL3QQFTRGwcocQZ\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:33 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":16216,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9918a1aeac87b5eed0f29e87d8840c01","sha1":"7cd2771dfa3c75e6c4660a197810adc5cb454dda","sha256":"9d0edb65f84305daec9e0723bf286e50423bff3d6226696b5717114bb8a45c9e","sha512":"77b41555869a5b75be76330a23a45b9fa780e6c632668983f3bfd13ecf60c63ebca37de883f76bdfab8dce77a23dbb70ebb68c53cb598104729b9e959bf879bc","ssdeep":"384:jCUKmgOs/iqOav+Sc37xGPXV5LkNdkAHqAQfk9S16odUA:jC4s/ym+SexGPPLAkAHqCsBr","tlshash":"8172cf8da1236889dd1f481c2487f12b7bb170d3907cec2d4f7114d7600b9866fa7599","first_seen":"2026-03-04T02:47:00.344505Z","last_seen":"2026-03-04T02:47:00.344505Z","times_seen":1,"resource_available":false,"data":null}},"time_used":513,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":513,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-5ed6725d.fa14b133.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-5ed6725d.fa14b133.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:41:22 GMT\r\netag: W/\"69a554a3-644b\"\r\nexpires: Thu, 04 Mar 2027 02:41:22 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:41:22 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25675,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (25481), with no line terminators","md5":"feded89ac2fe52672be87cc3f69bad2b","sha1":"62f014bd8747ba4dca1052825f4597e326a5a294","sha256":"556d7c5a3a70f03afc4179876ff711633c465b9b4c07d25f1dd853246f9c902e","sha512":"f19db99724c10f4ac3593de9691b2061e634c10e29a593fe8c0c64ef781b5578cf71373f797b8aca90d6b3d7e68a311463fbe378a3ce605f5a754281ed621c93","ssdeep":"384:PEg3t1oNCBxjsuyaTRAadc+eMzeOHvzd1cRfFldxUbq47:sWeixjs5aFzdcwBzcRfndxD47","tlshash":"78b2844eb2c3b04527a3b068451f790bb3b93725648fc584f6aaded0a93d82f5272d1d","first_seen":"2026-02-25T11:07:02.350737Z","last_seen":"2026-03-12T02:08:12.164077Z","times_seen":378,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/cdn/344a78FW2/favicon.png","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"GET /cdn/344a78FW2/favicon.png HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 02:46:29 GMT\r\netag: W/\"68a57ec6-1aeb\"\r\nlast-modified: Wed, 20 Aug 2025 07:52:38 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced","md5":"7226068407351d70a73e4d42fe27cf77","sha1":"eb1c88ec36b539b7c7a3e17fc1c2fa4075b2c1c9","sha256":"f286bad79eb8f3ad54992b441ee50926bd2f33abe0ace7d427ecd22b300fcebf","sha512":"739c4ebf6be89acfb1f1e648caa229123d6c6b684a5b2c7f2b1c90eb31d10fb95fb635f0b5abcc28aa7b37a1a39fbe9cbed30178e9fa6c572727230a34e02616","ssdeep":"192:AS6+RphRlpGTvNRCJG8rR03AEGRcSMbKcZOTz6:AMpHLGzDgQjGiSMWn6","tlshash":"3ce1af883bba44dc47b40f37b8e7771b468cd26ca50b9e12970d501fbb430da9579257","first_seen":"2024-12-03T01:53:59.54056Z","last_seen":"2026-04-04T10:02:38.894586Z","times_seen":7054,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-3b31b386.f7099f20.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-3b31b386.f7099f20.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:40:06 GMT\r\netag: W/\"69a5549f-5c53\"\r\nexpires: Thu, 04 Mar 2027 02:40:06 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:40:06 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2312\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23635,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (23635), with no line terminators","md5":"6772ceef087d9098c9af280ead070182","sha1":"bf5318986f8bce6fe8950488d36e0b5b601523bb","sha256":"acb9f27144095a8bbb85390b9190316edd8a701b0649ae3b1984f58345ac77bf","sha512":"d1d2e6082f2c77c3ef515ddd95045297c8d37911303e1e8fa953cf73154e73d673d7b10c2dc1f0f5918b809d0ccf466dbad6cc50a37e7a461d6883d70baa7378","ssdeep":"384:rPSxj2Mh3U6K5ZsA0WEtEYEx+EzPSxj2Mh3U6K5ZsA0WEtEYExPmzsl3CWThPPST:TSAMh3U6KGELSAMh3U6Knmzsl3CWThnq","tlshash":"f1b2757ce80a38e3a26b43fdc290b4054d0ab557da135f107ad2e199b58dec117cbb67","first_seen":"2025-11-20T02:21:21.489416Z","last_seen":"2026-03-05T14:33:04.671279Z","times_seen":10016,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-c045d38c.5bac6d90.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-c045d38c.5bac6d90.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:39:19 GMT\r\netag: W/\"69a5549f-160e\"\r\nexpires: Thu, 04 Mar 2027 02:39:19 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:19 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1708\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5646,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5646), with no line terminators","md5":"9e54b826cea37d5a84de87b691c58c77","sha1":"76a97498c63c235641c25fc03541c46acdc6102b","sha256":"f43cda8fd2607feff9db7e0d880222dd33b1b2b95e7eac91e41d3ff96916dc70","sha512":"47b7546f061dcf17cb9314e44fc8326dfdf4a0f32bf1bc1737c59fb8ecb127253601bf8380d90fd8055d9bf4a1c949cd1123860b9560757f0778fdb3c91866c2","ssdeep":"96:wCowvhNSwYLjUfXNwfXh3U6KOsZsQfECBjnO6IfWEjxEElEEeajsvNdqyU1G12x:wCowvhNSw8jwNw/h3U6KOsZsQBT0WEj7","tlshash":"79c17678e80e38e3a26b47bdc190b8054d05b557d6135f147ad2e19db6c9ec207c7b27","first_seen":"2025-11-20T02:21:21.521435Z","last_seen":"2026-03-05T14:33:04.698549Z","times_seen":10033,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-143a7152.d94cc963.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-143a7152.d94cc963.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:40:06 GMT\r\netag: W/\"69a5549f-68d5\"\r\nexpires: Thu, 04 Mar 2027 02:40:06 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:40:06 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":26837,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (26837), with no line terminators","md5":"0d48673e454fccd78d9682c693657a32","sha1":"49382c24212a74df67ee924253d907b8bfe14170","sha256":"361adc5e9d2f266e2d094acc1be383acf1aae2e06952735bec96bbebb9d71ada","sha512":"8fb53a966279d38696a5bdf9841297cc3a9bfa6e2f750b2be63c953d40db237a1ec4ab6066ebc20dd7646e80587d9a3e1757f27637e03a32267ac3f1341a122b","ssdeep":"384:y1q/y5Ccfi5oemXjoV5YPSxj2Mh3U6K5ZsA0WEtEYExaT/:y1f5bfi5oemXjomSAMh3U6KCT/","tlshash":"41c2a63957013027a23b4f6e86d49a784724d99386530eef73c0de59d3e69a4138f397","first_seen":"2025-11-20T02:21:21.411936Z","last_seen":"2026-03-05T14:33:04.636755Z","times_seen":10030,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-f2895cd8.b144dd27.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-f2895cd8.b144dd27.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:39:44 GMT\r\netag: W/\"69a554a3-222b1\"\r\nexpires: Thu, 04 Mar 2027 02:39:44 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:44 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8fc94e200090595bd399f9aa49a832f6","sha1":"c09a448c0cec9ea5bbf82fd8b93c978792f78827","sha256":"ca8033b5862b64c8ef284f53b4953a967c5c113d89018fde5c8f9246e4674e75","sha512":"ef918743a00029a9d542d47b88fb7d44d7be448b3610f0b3e76fc4b48898d02c36c76a0db5e03c1d07dee42036a6c3ddb3f3db5070815285f9ede2337be5ea77","ssdeep":"1536:y55bfi5oLXjp6h3U6Kb6h3U6KT6h3U6KM6h3U6Kk6h3U6KC6h3U6KDpErhxG/+6D:yrfi5oLXjprDcUyuwu2DEEfm2","tlshash":"91d3d838e80a24a3a67b4bbd82d0b8584a05f553ca134f58b6d2e199f7dedc113c7763","first_seen":"2026-01-30T09:26:23.679102Z","last_seen":"2026-03-05T14:33:04.66149Z","times_seen":2518,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"ips2.io/ws?\u0026appId=zjypgzpTZehZj322R4A2Wi6gKc3qrbW4","fqdn":"ips2.io","domain":"ips2.io","tld":"io"},"ip":{"addr":"154.38.220.231","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ips2.io","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 11 Jul 2025 00:00:00 GMT","end":"Sat, 11 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:63:DD:3C:A3:84:AB:B1:43:27:6E:D9:B7:64:07:7B:E9:31:70:2C","sha256":"D5:DF:A9:56:F9:E1:89:B9:8F:F8:DA:ED:38:78:6A:D9:10:2E:CF:24:EC:0E:3F:B6:D9:C2:A0:85:6A:8D:C3:33"}}},"request":{"raw":"GET /ws?\u0026appId=zjypgzpTZehZj322R4A2Wi6gKc3qrbW4 HTTP/1.1\r\nHost: ips2.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://www.yjedsgnx.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: uOUzGiqkjWmJ257ZRTZhMQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Length: 21\r\nConnection: keep-alive\r\nContent-Type: text/plain; charset=utf-8\r\nDate: Wed, 04 Mar 2026 02:46:31 GMT\r\nServer: openresty/1.25.3.2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty:1.25.3.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":2420,"timings":{"blocked":0,"dns":811,"connect":1070,"send":0,"wait":267,"receive":3,"ssl":1081},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"ips2.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/3s_web_detect.js?product=344a78\u0026module=frontend_new\u0026v=20250507","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:27.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/static/3s_web_detect.js?product=344a78\u0026module=frontend_new\u0026v=20250507 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:44:20 GMT\r\netag: W/\"699bf988-b2b6\"\r\nexpires: Thu, 04 Mar 2027 02:44:20 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:44:20 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45750,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (45683)","md5":"6d14ddc3e8bc1dc79357b74159f71f04","sha1":"12df5570db8c8deb75256ec7aa78c50955bf8a41","sha256":"8b252c8fec657c4596fdc851ccfdeb8ed1c9b2433f19f63d643eb1d0275d669c","sha512":"6fc44d271e892bba6d48fe9ddbdde790bb336538f7e5925e00954a832530727524285dc7132da036117e2dc27424be78f740ea87192664c3ce1d64d87f3f0ba5","ssdeep":"768:N52s3s7wTspsksLhsN5AOzYGwDgWRb/AM07OTQpzfxe5qefL:NsojTQp2hIUgWp/AM07Tfxe5x","tlshash":"b7232a9d718a7075437366e9273ff208b0766aa0240e8400bb7695853c74e5be27bfed","first_seen":"2025-04-27T22:25:38.185365Z","last_seen":"2026-04-04T10:02:38.907924Z","times_seen":18535,"resource_available":true,"data":null}},"time_used":1063,"timings":{"blocked":425,"dns":2,"connect":210,"send":0,"wait":209,"receive":0,"ssl":215},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/?palcode=1017659939","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T02:46:25.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"GET /?palcode=1017659939 HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://zaixksi.jingyi-edu.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:25 GMT\r\netag: W/\"69a640df-9f2\"\r\nlast-modified: Tue, 03 Mar 2026 02:01:03 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-length: 1572\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2546,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1576), with no line terminators","md5":"1b456ce0e673ed61754bb4bb07c50b85","sha1":"e89a422e2f41312cea190eb2c1b6494426a614bd","sha256":"1d7090312e8514f7d764856915d0570ccd0adce126750d6230cc0fe336e485bd","sha512":"86abadc4e14e34ab53ca2a5178596943a1105503872749ef53ec8860ebd64cc8710a8afda87ce5511f49529017466684dd64cb5c33b4c2b454ae9ffa31e2a928","ssdeep":"","tlshash":"bc51d9b72270f49e6204c2f17b6d222c800a5f1e51715d71e7c509fd9ae0ba4896204b","first_seen":"2026-03-03T06:51:57.063295Z","last_seen":"2026-03-05T02:04:20.403463Z","times_seen":83,"resource_available":true,"data":null}},"time_used":1347,"timings":{"blocked":543,"dns":2,"connect":254,"send":0,"wait":256,"receive":0,"ssl":287},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/dynamic/query","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/dynamic/query HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: dc486f3b86cc0a74588437c280011d16\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: F5X4WE3EfMriEr2iniN9OG0Tkr32zu23\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 76\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":76,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"bizCode\":\"REGISTER_BANNER\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 1899\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2415,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"77e0850385e42605881221d96ef41246","sha1":"8131c493e3bf56a37b80af9726b626440445851d","sha256":"f1d9702fb7dd716243e0597b0c417bba2a4c0119ce69136015e4901156cf2aa0","sha512":"dde71a9f9636b363a137597776679d1aeb2e7ad37f4772d76e5a054576c3660d7d0d5e5f24a4f13297796528ae6511b8576599fc12b6367a994d958ebf7de6e5","ssdeep":"","tlshash":"0d413b8ecb99815bccf025a85b31f68756229c1d3bf594a0d188141f05f7d2d532a84f","first_seen":"2026-03-04T02:47:00.348802Z","last_seen":"2026-03-11T03:04:25.822115Z","times_seen":84,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":400,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-01ee470e.6700050d.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-01ee470e.6700050d.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 02:46:19 GMT\r\netag: W/\"69a554a3-35731\"\r\nexpires: Thu, 04 Mar 2027 02:46:19 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:46:19 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":218929,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c1e847e7c04016040c24c72655fa2051","sha1":"0074026e0dc336319bfc7e2153a4fb1e01a9336a","sha256":"78e56b57c137c0c8e6abd6bd03c6f2f14ed3bd7dbc679e83980b0ac6d02f241e","sha512":"a9fbf63392d762a7fbccd935c91626aa0f86bf0676f618411967e15192cc258bbd2a266fda9c2bf0b978bcd1722bf787653ffef41d2291edb24bef63ac46a5ac","ssdeep":"3072:7jrfi5oLXjprC7lyVgPD342+MmY+24wdnJOaXlcsD:nrfi5oLXj5WdQaz","tlshash":"1c24d878e80a38b3a23b4b7d9290b5094909f553c6131f6876d2e16ef6cadc113cb767","first_seen":"2026-02-11T20:26:16.579804Z","last_seen":"2026-03-05T02:04:20.408934Z","times_seen":1400,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-c045d38c.b80a1b4d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-c045d38c.b80a1b4d.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:45:31 GMT\r\netag: W/\"69a554a3-df8d\"\r\nexpires: Thu, 04 Mar 2027 02:45:31 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:45:31 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57229,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (57229), with no line terminators","md5":"f8c5524a2bcefb34c1f66c95d9596ea3","sha1":"2d82db3bfdd2952df9ef079ee7787b282596e47f","sha256":"de24c81f3372531294ee4926a24bf92ee9f0611c3267e3b635c1db9a0218bf90","sha512":"b28b4307cb0172bb3f57286546bde289dc876a2ffe588c599eade18210a42eb3f4cd2d9d51c65a78f74aaa7c45003a1844323ef9e854f5a55f12b025395687ab","ssdeep":"768:OnU18iiyn2IplB3skTfys9aVqB0pZy9U901vNqV3lrTrCKRzISQ3Q49NzKfhCKWl:OFs1TfyqBquqJlrxFgh2zse0D","tlshash":"d943d588f695b05903a764a4002f140bf1bae928b85d58b4e751e4d27cf8eded07bf78","first_seen":"2025-11-20T02:21:21.469468Z","last_seen":"2026-04-04T10:02:38.897837Z","times_seen":10909,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d22c4f1.fae6d28c.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:30.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d22c4f1.fae6d28c.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:38:59 GMT\r\netag: \"69a554a3-f6\"\r\nexpires: Thu, 04 Mar 2027 02:38:59 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:38:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":246,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"166690ac780d03f8314a059f428a604c","sha1":"55242f5db60e06a61d4a798faa2bc14a94fa6277","sha256":"c2e827497b807a6b5ef6a5fd659b8890dde8ab13b04999aa2d6d9b6cfabdd9d5","sha512":"91ccad9b65336dfa6fd1e42529e0aac0d0e3d5fe7b4d339ffb2cd5e4a7905f1f2a5b645825aa30a56a7f3cadc782e95069b1d66c0b676e952885415cd2d9243c","ssdeep":"","tlshash":"52d02eae3041f420197ea5d410af33b6e2af34942ee914240ee0e4e03a618cc643164b","first_seen":"2025-04-27T22:25:38.207325Z","last_seen":"2026-04-04T10:02:38.882705Z","times_seen":18272,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0a3529.c166e1a1.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d0a3529.c166e1a1.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:37:38 GMT\r\netag: \"69a554a3-371\"\r\nexpires: Thu, 04 Mar 2027 02:37:38 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:37:38 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 881\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":881,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (881), with no line terminators","md5":"0a3ae42df44a01557a7182f000a7cfcb","sha1":"1ab42fd4fccc139fc48e075e54b64f506f9e2f0d","sha256":"b22cd2d8ffdfe96036d9a824863f3342126a8ed17615bda1a1ca1774964bcbc3","sha512":"b2fadab7e2d28ffa1ed68abcfadf998070c75ba941c370d99990eca9502a714bd45d2ecfd0f9b4918a144d711c66a30953ae80ac2088f13eec1896b75e7f6e91","ssdeep":"","tlshash":"5d1176cdb0c1f4c48637e0a8306b329ba33f28956c0999958f95b0d67b21158a762b9f","first_seen":"2024-12-28T16:15:55.716131Z","last_seen":"2026-04-04T10:02:38.825038Z","times_seen":18252,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/checkIsCNIp","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/checkIsCNIp HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: a12d64ee033e3cee291c84b77fb3f625\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: 3qKNiaDskkAhYRkdW2h2teq3PYI6wiTw\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 123\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":111,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b7a755e0174274239a08bb3b863d006b","sha1":"8b84a3a430625d7e05befc97475b7878e03ffe29","sha256":"dbb45e7e30e18cef8e7b4a22687884457bba71cf76498cfb985b66e0e137a56b","sha512":"5d659ebeb5cf24acc9e75157003c45d1817ca0848eed897b224dd819b323e8e9b05d83af267fbb0620d911ad04dcc8586947eda1230597e934f228a1416c398a","ssdeep":"","tlshash":"b3b012991cadcaa2ace602f4d61a33150030b7216ab8f518491d752e10f611e30635d4","first_seen":"2025-10-14T02:19:39.116827Z","last_seen":"2026-04-04T10:02:38.848243Z","times_seen":2190,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/queryVIPLine","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/queryVIPLine HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: e69a49bd7e615b5380ef04ef46a65770\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: QNreVfyqzePpzZCTIJHJM1N2B5tnUnj5\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 65\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":65,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"currency\":\"CNY\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 144\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":132,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6bec9d8a839246d0bdd8eea9b1eaab2f","sha1":"5d7f1d9a5b90014c2ed2255f4f5f832ce86b39d3","sha256":"995a44e167b0c26852a28ceae41eb464af3346d36c232a3d277f14c82dc1cf57","sha512":"0e368ce26868150057f838e9ce2732b4f632664ec636e26d1381a185309da8017c74ddd3013884638950719a529995e4a08e18fb10243d451ca71da0e213dc60","ssdeep":"","tlshash":"d9c02b415efcc6a295e320f4ec473b3010707e35003464084918a12440f121d0280092","first_seen":"2026-02-27T14:23:17.444687Z","last_seen":"2026-04-01T19:30:39.359833Z","times_seen":8,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":490,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-3b31b386.46091465.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:29.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-3b31b386.46091465.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:43:20 GMT\r\netag: W/\"69a554a3-690f\"\r\nexpires: Thu, 04 Mar 2027 02:43:20 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:43:20 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26895,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26163), with no line terminators","md5":"9bb9c28a2ea36dacc29bb61343ce1340","sha1":"a37792a198d20d23480bf744eafde7c3a31d3766","sha256":"0f7518d25f36e799f5d4364c4712cece7f372d5a46e0842efb5966656391d214","sha512":"bbd51e240e9c38df83012fd2d1fed3052c678474967d6cc02f255e96f805cbb5256147919ac5302171cf660347581e952f62d2aa9b04bdf2dd2bb1300bfe1e0c","ssdeep":"384:JGaZPEJE2DaFsEszsyD9fxEb1zOqxCTAcp+SeFmuVPV1VX/vL0gHPp9bvEdnWak2:JGwPE6k7YNVTtjNakn2","tlshash":"c2c2b69cb1daf0860fb260b054bf5107f27a6d98a80994c1b970e4c17db4e96a372f7d","first_seen":"2025-12-12T04:38:56.896059Z","last_seen":"2026-04-04T10:02:38.858419Z","times_seen":6338,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-62938ae4.1a3761ef.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-62938ae4.1a3761ef.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:39:39 GMT\r\netag: W/\"69a554a3-ae5c\"\r\nexpires: Thu, 04 Mar 2027 02:39:39 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:39:39 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44636,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (44434), with no line terminators","md5":"3815bf3bb10dd5e1e02aac55c226b427","sha1":"f58cd168a5e3703ecff57ddf96744644ff493748","sha256":"37d75259dada6e6f6fa228b8596bc23d4d52fcbc5187d4298bf44224b65e8d3b","sha512":"68ac65be94020f6459f7ffcf57e69882b1a434867a8d1eea85325f754dcb7fd15316cd226fd0c5596836005b2301b3bb5af059d77758c45463a299cfa3e436a5","ssdeep":"768:dkvNvD9M/D3jx3MywSsSLF4WNWHJRW0lRqf10d+evmawTy9t2iJIsD/AwoHeC:0vVlMf10mZT6oiJVD/Axb","tlshash":"a8131918b08af1cf4e7370a1a41f2583f1a61b80d109e9a9f774d5c1e795d2d239e93e","first_seen":"2026-01-30T09:26:23.68339Z","last_seen":"2026-03-26T00:24:46.177279Z","times_seen":3190,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_00.f847337c.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_00.f847337c.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:35 GMT\r\netag: \"699bf987-93f\"\r\nexpires: Thu, 04 Mar 2027 02:46:35 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2367\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2367,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"e147fb8e3387295fd3a96724a7f35571","sha1":"6f84ca8bc84950cd73159680e8a1ba4cc1191700","sha256":"7a31ec957d93072e0009a7e978dc2c8af7e6865a3a6af914a06ee52efd45c235","sha512":"a0ca4037e223fe460dab891ac4f6b18c274b31e7273a5046e025e7fe687a4efdc5dae158258ea9bca720a73a865517d52a8fb5718b791553f8cdb9951cb488cb","ssdeep":"","tlshash":"30414d79f45ed378e2541afd59058b3282882211d9c7d13a1b4cc171aa3901c13dc5dd","first_seen":"2025-12-29T13:32:32.249962Z","last_seen":"2026-04-04T10:02:38.898649Z","times_seen":5251,"resource_available":false,"data":null}},"time_used":4163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_04.862920c4.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_04.862920c4.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf987-da3\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 3491\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":3491,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"6e02c11e5ce121baf79b1801ca673ace","sha1":"72217118112557ea7e32f86fb1f39661251892a8","sha256":"052556725c178db5b4aac812ae5657e67b50ef3d645ae26af24112279822457a","sha512":"1d5b6228e6e8a007653d95cf8490d6fc8ca7a7326ecbfd1e9959dea5e5688fd2aac0c7e0171dbc36cac81da7a858cb842a86816b790b930d179035927f646c36","ssdeep":"","tlshash":"08717d0e3418493b47a5048c448bf390dd0da60edee3f63d1e1daedea5350ada2422ca","first_seen":"2025-12-29T13:32:32.215309Z","last_seen":"2026-04-04T10:02:38.887087Z","times_seen":5251,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/icon-mission-center.e787dfe3.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/icon-mission-center.e787dfe3.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf986-43c\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:53:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 1084\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1084,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"ae05f4208e8b3587a843763516c3a417","sha1":"5564515de9f964dd8d6b017e0cbbe772d3caa1a9","sha256":"a9e94063e20f4f9c96658474932ee780e4673c43cb4d635813b07150e0a7c099","sha512":"657d1244e105e403f9d7ec6c71ea7b061094415117213b26d9de5989af0ed495f91a6039bb0b601386026e5334b7cc7bb1a215d4fc6410b9cd1178d5f931000f","ssdeep":"","tlshash":"3111a8165428c309cfb51a4c046cebba7012564ff3d2e4bd254685e7c5324ab49eefc6","first_seen":"2025-12-29T13:32:32.240478Z","last_seen":"2026-04-04T10:02:38.856706Z","times_seen":5248,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0e885d.d9c8f912.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d0e885d.d9c8f912.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:37:39 GMT\r\netag: \"69a554a3-101\"\r\nexpires: Thu, 04 Mar 2027 02:37:39 GMT\r\nlast-modified: Wed, 04 Mar 2026 02:37:39 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 257\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":257,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"714711cd68f029edafa6ab087f7dfe93","sha1":"6354f9ee41d4ee9a3df124281bd22e0c2d507370","sha256":"f2e041275dff90ac47488d2f49e161dd21cd8ecfc35f4ee81e0c816afbe3f7dd","sha512":"4d4ac7873175e901262fdf880c5cf54417a4e0fb66cdfaea94867dd99cb76f71b4dd3a2e96e70bce9b71c48afe64e21c3e30f15f12817d0c65f8294b315fcaaf","ssdeep":"","tlshash":"80d02b5e3081f44515bea5ec516f6391aa7b39a01e5624510d60b0d07734489812168f","first_seen":"2025-04-27T22:25:38.191844Z","last_seen":"2026-04-04T10:02:38.91026Z","times_seen":18205,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/dynamic/query","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.198.110","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:31.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Thu, 14 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:C4:B7:67:63:AE:10:F1:41:F3:4D:0C:9C:24:1C:A2:A3:42:49:AF","sha256":"98:C3:3D:5F:72:88:4B:0D:2A:CE:9D:A9:68:2F:06:65:04:F4:38:FA:86:08:11:F4:A8:6F:61:C2:19:CE:CF:4D"}}},"request":{"raw":"POST /_glaxy_344a78_/dynamic/query HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 22d236f96a3deb0d7d79f7253a836f30\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0JHIH4EyiDZEsQaq3mXNabcSVcXV3nii5dC6knORbShUhfItikUmF1Vgx/n2OCdyz80CJlUHED3XJ/oXQL50kWpPhbcfxlctB6z3yJ2a38Gqg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: dWQjXekCOo3SVqjr3uryV8GOl4ZAPnj8\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 70\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1772592390:10080\"; deviceid=SWMeekt4l+1tNSgir2PUmT8QtL8OpJ/i1E34CRm8RsDdHoOtsxkOLNG8ee2roEHoJYDjFuPKVsG+HJmICnp6nwQJPpeBhcXWSHOWcttjM0C0aWixxKVhGtErLrCg4Oj2dqUxRpCyWYwJw98OH4n9Lhg9UcWrKFsum2AJabfNi7c=; _ga_8FRE3KY7VN=GS2.1.s1772592390$o1$g0$t1772592390$j60$l0$h0; _ga=GA1.1.481727877.1772592390; JSESSIONID=31B96D37D118C85E30D718DBC6E575B4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":70,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"bizCode\":\"ENTRY_IMG\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Wed, 04 Mar 2026 02:46:31 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 561\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":643,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d3a30dd24fb37d0a1734c3d32c3fcc16","sha1":"ae62b676c0fd6e0e42d3f10b2de6d2286a2ddbd1","sha256":"207d38e71f7bfab556e664d452c01e89e90b263750851c9ae959e4f6e4d302ff","sha512":"68a533280652a848e56b85be2726d4a64fb197782ef1f3a10254ad694604e913f46282874ee36fc587916c0165911d31c0be62bc2faa71d3385df2e396eac750","ssdeep":"","tlshash":"04f0685aeef8cc7397e015e6c618784635fc253d594520415c044a3314dc55f56d3c92","first_seen":"2025-09-25T13:32:32.590536Z","last_seen":"2026-04-04T06:37:55.640933Z","times_seen":1045,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/z6icon.9aa7ca97.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.188","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-03-04T02:46:32.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/z6icon.9aa7ca97.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Wed, 04 Mar 2026 02:46:32 GMT\r\netag: \"699bf988-1316\"\r\nexpires: Thu, 04 Mar 2027 02:46:32 GMT\r\nlast-modified: Mon, 23 Feb 2026 06:54:00 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 4886\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4886,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"669b71d0c57206860439b18f1c5a57bb","sha1":"03cae7046c9702a7d5324ad5a1f9b78b8faa59c4","sha256":"ab12cee092d44f961cd751cda3bf40a424f1a72572c515c2011d198ef5078c9a","sha512":"aef2a92628de6c83afd0a38e93959ec124790e5e927ccdd84e9d4b53290f024307617cd31906264797fc4c41c3d3d0d0814c647d6af6d6532917985f519bf1b9","ssdeep":"96:liZu0akLItvIa9/httspZAR7TbH+Dh1gH8kFaZQ/FgakMwFi5:iakLIOa9Hts3cbeXgHRmsgakfFi5","tlshash":"21a16dce910c12d292bd937e8408b374ea95be0cce74d748624b45b61a38d245e9d699","first_seen":"2025-12-29T13:32:32.226906Z","last_seen":"2026-04-04T10:02:38.85925Z","times_seen":5252,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":579,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}