{"report_id":"0ab208e0-1697-4747-9bb9-4ff0d8e634fe","version":6,"status":"done","tags":[],"date":"2026-03-29T12:03:59Z","url":{"schema":"http","addr":"wap.kkjsd01.top","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":0,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"wap.kkjsd01.top/#/entryCenter","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"title":"Entrance","dom":{"size":14174,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13522)","md5":"3cef94beca162e6907e6f987dfa7135f","sha1":"39ae636f00c3d6bddba0cf106fc630502fd8139c","sha256":"ab0cf31b082421aacb9346acad8750b7a7798866f275154f8cc91a27c3967dc1","sha512":"5a534ee241c392f526a9bb80c6029c6ff739e9fb3262e770347c4baf86e37380fe362b572c1c8f53fe3bdb9864499fd4b55fd1254210f6f563e79bbf4ee7e5d7","ssdeep":"192:xyg5t0nln5YBbeSUynOrlMo0ISBk7DknweUynOrlMo0ISBk7DknwT:kpPoOJEBJn1OJEBJn2","tlshash":"dd524a69d18278cb4557f8d0d0307b2f39a6df0bd114c0d067acb6a499eecf5ba982b1","dom_hash":"domhash33b45ce3d8d9ffc5828d1bee8a60c934","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wap.kkjsd01.top","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":0,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-03T12:03:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"wap.kkjsd01.top","ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-08-12","domain_rank":0,"first_seen":"2026-03-29T03:34:55.500481Z","last_seen":"2026-03-29T03:34:55.500481Z","alert_count":33,"request_count":11,"received_data":1331514,"sent_data":5047,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/js/50.cca4ec19.js","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ffd0af2e899153a9cb7a292a96c2c7a8","sha1":"75a5c5ce9cd66d0cdd75839f7215336c441041a7","sha256":"8860a3eea894c321740158fc9bd405c151498b17b8544bfa4095d6ade7b5bdd9","sha512":"26f619297d4aae573bf022dd6435685971ed3ba22e9d6dee93687c30c59aec0bf64941e6e9c63231d4362390c63d3d26bfc007f830354e2e839e3ee4d54d59cd","ssdeep":"192:EUynOrlMo0ISBk7DknyuIcAcVh3HlnDVzv8KZuI374+20h47JrVT:mOJEBJnL1VTZbFh47hVT","tlshash":"a232fa8ef5c7b446e95b5072c12b282560392dd0221f81c5e339f8d9b8a4578ab7ffd8","size":11019,"data":"","first_seen":"2026-03-29T03:34:58.444442Z","last_seen":"2026-03-29T12:04:53.939762Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/js/safari-nomodule-fix.js","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-08T11:52:17.849047Z","times_seen":36463,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/js/chunk-vendors.9e207b2d.js","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b5eefd71f5c33ad19db70321844a157","sha1":"46346d12bd5981f98ec0f46fb646865ec8063103","sha256":"e9492064bfb5df18c405ad4c4b54df8e7be132ea42ff29a7f06370dcfdb3b038","sha512":"4fcb095cdd87a4c315cd714671fbf68c6fec8a0a70274328be76b38e2afd6723737521afd2649693f37d25a2be469fe5e980a77cff218ca5866dee52f660fb93","ssdeep":"12288:FACayKeRrjVSC6BwdAzyFAvdU+tKzhetTEFI5pb:FAteRrpShBwdqfvLKzMTEFU","tlshash":"5cf43bce7186b522479720b1403f290ab23e2f58680e8458fab5e4d67d78d6c527bf7c","size":770136,"data":"","first_seen":"2025-11-22T01:11:19.703742Z","last_seen":"2026-03-29T12:04:53.930467Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/js/app.6f114fc0.js","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e9e13b9df06837733fae0e944e5abe2","sha1":"bd2681d71db3ac58d8bd3567af34f475e448e4b5","sha256":"4bea2c418db311542c31fb569100735c7eeec875df1f6b9708ec45c04bbb0c4b","sha512":"b27162c85b497ebdf7f1a9096978fbbf62b9a4282bcb9c6cf20e76abdf800d49680d0b345ce2122cbca04f87f90964e8141df4c59eb5605c7239ae7b44a03cc4","ssdeep":"3072:t347iKj9GrLvqH7MDkJSIK3QaYWuoahNwuAy5T0l8CaL1sDBBvBWROG+H:toxj9GrLvqHwIT3RcBz9H","tlshash":"4d445d5f13ccb3b508492761a14a3c7945361b72f326fae6d1c9b19812ecf89c2639f6","size":277961,"data":"","first_seen":"2026-03-29T03:34:58.447534Z","last_seen":"2026-03-29T12:04:53.971231Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/js/safari-nomodule-fix.js","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:38.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /static/js/safari-nomodule-fix.js HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:39 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 314\r\nlast-modified: Sun, 15 Mar 2026 04:09:18 GMT\r\netag: \"69b630ee-13a\"\r\nexpires: Mon, 30 Mar 2026 00:03:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":314,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (314), with no line terminators","md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-08T11:52:17.849047Z","times_seen":36463,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/js/app.6f114fc0.js","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:38.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /static/js/app.6f114fc0.js HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:39 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 15 Mar 2026 04:09:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b630ee-43dc9\"\r\nexpires: Mon, 30 Mar 2026 00:03:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":277961,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37903), with no line terminators","md5":"2e9e13b9df06837733fae0e944e5abe2","sha1":"bd2681d71db3ac58d8bd3567af34f475e448e4b5","sha256":"4bea2c418db311542c31fb569100735c7eeec875df1f6b9708ec45c04bbb0c4b","sha512":"b27162c85b497ebdf7f1a9096978fbbf62b9a4282bcb9c6cf20e76abdf800d49680d0b345ce2122cbca04f87f90964e8141df4c59eb5605c7239ae7b44a03cc4","ssdeep":"3072:t347iKj9GrLvqH7MDkJSIK3QaYWuoahNwuAy5T0l8CaL1sDBBvBWROG+H:toxj9GrLvqHwIT3RcBz9H","tlshash":"4d445d5f13ccb3b508492761a14a3c7945361b72f326fae6d1c9b19812ecf89c2639f6","first_seen":"2026-03-29T03:34:58.447534Z","last_seen":"2026-03-29T12:04:53.971231Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1052,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1052,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/js/50.cca4ec19.js","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:40.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /static/js/50.cca4ec19.js HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 15 Mar 2026 04:09:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b630ee-2b0b\"\r\nexpires: Mon, 30 Mar 2026 00:03:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11019,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10789), with no line terminators","md5":"ffd0af2e899153a9cb7a292a96c2c7a8","sha1":"75a5c5ce9cd66d0cdd75839f7215336c441041a7","sha256":"8860a3eea894c321740158fc9bd405c151498b17b8544bfa4095d6ade7b5bdd9","sha512":"26f619297d4aae573bf022dd6435685971ed3ba22e9d6dee93687c30c59aec0bf64941e6e9c63231d4362390c63d3d26bfc007f830354e2e839e3ee4d54d59cd","ssdeep":"192:EUynOrlMo0ISBk7DknyuIcAcVh3HlnDVzv8KZuI374+20h47JrVT:mOJEBJnL1VTZbFh47hVT","tlshash":"a232fa8ef5c7b446e95b5072c12b282560392dd0221f81c5e339f8d9b8a4578ab7ffd8","first_seen":"2026-03-29T03:34:58.444442Z","last_seen":"2026-03-29T12:04:53.939762Z","times_seen":3,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/img/adcenter-banner.b3173dd9.png","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:40.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /static/img/adcenter-banner.b3173dd9.png HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:40 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 15 Mar 2026 04:09:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b630e4-744e\"\r\nexpires: Tue, 28 Apr 2026 12:03:40 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29774,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 240 x 160, 8-bit/color RGBA, non-interlaced","md5":"5a62141643c5867ad5b405c8a24fef2d","sha1":"0a5f78239d38a22f949bea35c90b7d52bf610b50","sha256":"f4a7c281e5d02cf537210dbcd4e419e4427cb0b3f53e8399ba0a0b3c644c6988","sha512":"fdb299c536699034b27523a42eee9bdb9d378be99f4cfe3c729fbd31d60f70164af7d33f93bef96e549cd38ff1e77400b0feb09d8c496e24674684580c41c512","ssdeep":"768:Qlw1jqp6IMcqOqBRqo/NsyBJRd8D0oTLtS8rpBz:oqgM3ONOA0onbd","tlshash":"34d2e0b11b15633c4a92ead9fd71d1e550023d4a8d83ea4c7a075f348238659aa17ffc","first_seen":"2025-11-22T01:11:19.698906Z","last_seen":"2026-03-29T12:04:53.949843Z","times_seen":7,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/prod-api/facebook/user/register","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:40.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"POST /prod-api/facebook/user/register HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=UTF-8\r\ncontent-language: ja_JP\r\nContent-Length: 21\r\nOrigin: https://wap.kkjsd01.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":21,"data":"{\"activationCode\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:40 GMT\r\ncontent-type: application/json; charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wap.kkjsd01.top, *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: fb-id, Content-Type\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f0507496eefe52dab3d16b9b71b8c1c5","sha1":"68b666c6aa24eebe91679c84a0cbc2ca3a4397b7","sha256":"1f51afb8e234743e8e3751226465cc876f1717e73c8b57a884e3a380bb7b02f2","sha512":"100d45c62c1d7552f66b19533ac8d51136f749d287fe95d7759d2768809528ca20479468a0a1b23f618ce3f8240600e871829dba2e5515fec7bfb1b052cb9ac4","ssdeep":"","tlshash":"54a01240ea0d460609401144000e06281528740649020a2804dc17b0c0c80b8e633970","first_seen":"2026-03-29T03:34:58.449844Z","last_seen":"2026-03-29T12:04:53.963477Z","times_seen":3,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-29T12:03:37.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:38 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 15 Mar 2026 04:09:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b630ee-43d\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1085,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (732)","md5":"9bbd4198acbfb6bc921269e6a1024ffa","sha1":"62608d24f8813b8640a199e6745a91e8f3998616","sha256":"0d8231da51a12810f67aeb730d64668a4f6e4ec831b5cbda1001cf8d4841f9da","sha512":"988b55984a197aa602960d4ad918afd5242ebb2332dae96fb9fdba0067cb7ef6c50f0a8d6e7e209b6972936edb89bb5415e17498c8ff95feb2144b21aed7fbff","ssdeep":"","tlshash":"9811ad858c30e48b47b04e45fa75b31f9cc69d5a4a22dce0b8ac12fc4a94fc8d7a9845","first_seen":"2026-03-29T03:34:58.439646Z","last_seen":"2026-03-29T12:04:53.967773Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1327,"timings":{"blocked":532,"dns":1,"connect":263,"send":0,"wait":262,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/js/chunk-vendors.9e207b2d.js","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:38.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /static/js/chunk-vendors.9e207b2d.js HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:39 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 15 Mar 2026 04:09:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b630ee-bc19f\"\r\nexpires: Mon, 30 Mar 2026 00:03:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":770463,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30581)","md5":"8b5eefd71f5c33ad19db70321844a157","sha1":"46346d12bd5981f98ec0f46fb646865ec8063103","sha256":"e9492064bfb5df18c405ad4c4b54df8e7be132ea42ff29a7f06370dcfdb3b038","sha512":"4fcb095cdd87a4c315cd714671fbf68c6fec8a0a70274328be76b38e2afd6723737521afd2649693f37d25a2be469fe5e980a77cff218ca5866dee52f660fb93","ssdeep":"12288:FACayKeRrjVSC6BwdAzyFAvdU+tKzhetTEFI5pb:FAteRrpShBwdqfvLKzMTEFU","tlshash":"5cf43bce7186b522479720b1403f290ab23e2f58680e8458fab5e4d67d78d6c527bf7c","first_seen":"2025-11-22T01:11:19.703742Z","last_seen":"2026-03-29T12:04:53.930467Z","times_seen":7,"resource_available":true,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/css/app.a18946b2.css","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:38.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /static/css/app.a18946b2.css HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:39 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 15 Mar 2026 04:09:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b630e4-8e8\"\r\nexpires: Mon, 30 Mar 2026 00:03:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2280,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2280), with no line terminators","md5":"b96bf75eb2d4a739f678d12fc07c807d","sha1":"59cd923369e6d3aa1f6b216164ced57f095dba2e","sha256":"8ad20aaba6a48095319374db80130bab6d027a5d5800e7d1cc752dc945b61075","sha512":"677559a4fbdb26f67507c46d466c263d3f500a17b769a0d3a37689bde30c46781ae7db6936b169d5b21ba2bdd9dc47bcedb4f1cd48ede29f0635b6f520692761","ssdeep":"","tlshash":"c941ad2df1c0d23b6177407eef8dfd5484281e5696204fabf14da243ae5739b1ab0726","first_seen":"2026-01-07T16:33:55.520403Z","last_seen":"2026-03-29T12:04:53.95183Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1051,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1051,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/css/chunk-vendors.0d6e9997.css","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:38.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /static/css/chunk-vendors.0d6e9997.css HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:39 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 15 Mar 2026 04:09:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b630e4-36e2c\"\r\nexpires: Mon, 30 Mar 2026 00:03:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":224812,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (64226)","md5":"3f2d238f567878fc882262d15c0246e9","sha1":"afd22aa560041acb3ee50f1e8d102f84f598215b","sha256":"75724902161178f302b800e0a09bbce57cf0adab3ead8deac6722d8ca8ec2581","sha512":"6326237a5a5fc4abe3ae56e55abef9f70fd5ccf497a7235aeb00b239a4e2793d3439b9a2e152da800122f71475a68480b67c8fae00ed6940267ad3a283be1f0e","ssdeep":"6144:7kZUwh1nAukdDO3Xyr5Ir5eR0dTMA9S6fjKlWf:IZUwh1nAukdDO3Xyr5Ir5eR0dTMAEMf","tlshash":"6b24876f85d1135da1178e619fcc9ad8c22cc572a5520dedb242380e8fc7fde239a61b","first_seen":"2025-06-24T18:05:37.862283Z","last_seen":"2026-05-23T05:40:18.044516Z","times_seen":32,"resource_available":false,"data":null}},"time_used":1052,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1052,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/static/css/50.c9fd0387.css","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:40.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /static/css/50.c9fd0387.css HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:40 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 15 Mar 2026 04:09:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b630e4-f5b\"\r\nexpires: Mon, 30 Mar 2026 00:03:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3931,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3931), with no line terminators","md5":"585ec908eb11d1b2d173f3183024d9ff","sha1":"9b19ddf88e1e092afec5afc22ba84d128df03268","sha256":"c5bff55f58a057ad431428069debbe82b6f95c94a80f21e17a561f38630624b6","sha512":"4a9f74e4495982b21ed1eb63463b5eda98eafde774ec35f4cedf4d675383684272e5500b1b8bcb9028d9e6812b657a98159b8cee61a1d1bfd20d52028cb132ca","ssdeep":"","tlshash":"3c8153b465886457b0a7c3c57de02d8f803a5983d022edc9624b729178ff5df27296bc","first_seen":"2026-03-29T03:34:58.445805Z","last_seen":"2026-03-29T12:04:53.947752Z","times_seen":3,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.kkjsd01.top/favicon.ico","fqdn":"wap.kkjsd01.top","domain":"kkjsd01.top","tld":"top"},"ip":{"addr":"156.245.239.57","port":443,"asn":984,"as":"OWS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wap.kkjsd01.top/","date":"2026-03-29T12:03:40.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wap.kkjsd01.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 05:50:46 GMT","end":"Mon, 22 Jun 2026 05:50:45 GMT"},"fingerprint":{"sha1":"5E:07:42:92:26:06:62:06:73:FF:C4:C0:95:6E:37:B2:5A:7E:DE:36","sha256":"1F:17:55:F5:D6:68:0A:AE:25:D5:DC:B8:9D:34:26:44:D0:E3:6B:18:8C:5C:E3:23:D1:92:AE:D6:27:36:39:03"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wap.kkjsd01.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.kkjsd01.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 29 Mar 2026 12:03:40 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Sun, 15 Mar 2026 04:09:18 GMT\r\netag: \"69b630ee-10be\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"763a26ac1b333a2a3e4d3aaa7188b83f","sha1":"dab8d87df371792f84be587bc904781f1754b785","sha256":"cf2caf811a3e92e7913dfe4be696bb36c155ebff32ac0b62547c6b8233cbaab4","sha512":"95c59e667b4e1ccfde2ae3394ed16d757e90b0ca15cafa338ec79fb61acc9e8d73ce179a98660df242144da63e5793335a1f6b39b26f03117f8040e0413c80c9","ssdeep":"48:AcNTmQ9vq996VypcXlEnPgsUXhbJ7LI70JQucb0mMQksk13b+qYyCkWN4/:AcNTh1q996Vb2gsUpZRuWELkpmNc","tlshash":"c391dcc28d89416bc90aab7481862fc117370d9cb0ee5de559fc751a3bb3c8e51bf066","first_seen":"2024-10-29T06:16:42.130564Z","last_seen":"2026-05-23T05:40:18.035429Z","times_seen":44,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"wap.kkjsd01.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"wap.kkjsd01.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}