{"report_id":"0d781854-6da6-4507-afb6-9b92fa692c99","version":6,"status":"done","tags":[],"date":"2026-01-03T18:27:08Z","url":{"schema":"http","addr":"kbuuat.katabat.com/","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":0,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"kbuuat.katabat.com/security/login","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"title":"KeyBank Payment Assist","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kbuuat.katabat.com/","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":0,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T18:27:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"tq2tmylv9quqkoe"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"kbuuat.katabat.com","ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"domain_registered":"1999-10-27","domain_rank":0,"first_seen":"2025-07-17T13:57:43.125409Z","last_seen":"2025-08-06T09:41:22.389853Z","alert_count":20,"request_count":20,"received_data":1619297,"sent_data":17273,"comment":"","tags":null,"fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/scripts/jquery-3.5.1.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"23c7c5d2d1317508e807a6c7f777d6ed","sha1":"ad16c4a132ad2a03b4951185fed46d55397b5e88","sha256":"416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37","sha512":"58d2f17cfffc71560bf6c8fc267a7a7add0192e6cb3f7d638531bdbe12ff179b84666839c04ccaa17a75909b25ccf416c0f4f57b23224b194a0a0cc72ce4ce4d","ssdeep":"6144:pJChNVls+TCtlFhTzeKR7cYmD2zK8EAbEtPx+WI+Y7cFyW48L/dyVxNaIPfytrAP:xf7cYmD43APx+WI+Y7cFyMyDTPfCAeuH","tlshash":"2354a4d9f78d112e423231aaac2f12cdb77cd171560458aebd4d597c24a083d83baf7a","size":287630,"data":"","first_seen":"2023-03-07T01:03:32Z","last_seen":"2026-04-09T13:15:16.694721Z","times_seen":7933,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/security/login","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7137fa043cee6e1781cad7559ab4f6f6","sha1":"d57366c5eb5a62431cc618145441b59973732cd9","sha256":"2ffcd9cf6eff386931fb608bebd910b62e115f9e58665b43c7164c0a858df304","sha512":"56a6e72dcbbe6069a5b7420d4b50e909f24ea1f94f0a933fe192e237807eca303e57dbc0d4d07398953b416d397332e88bd63849e5ca2651e6a30957088bdb5b","ssdeep":"","tlshash":"f941bd0d6ebb211146b3607a8ebfa5486232d203210ddd007e5e50e1df2963ab6b3b9d","size":2361,"data":"","first_seen":"2026-01-03T18:27:11.799648Z","last_seen":"2026-01-20T18:45:44.865476Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/js/katabat_js/core/katabat_core_1.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d31f33ec5896cdc001141f5fe0919de9","sha1":"acda54d4aca91df1710cab66fcfaf0f9fa0105cf","sha256":"0ee61589cc8499d70bb927cb02e1bfff96d6bf6e7cc6172f58f8146d48b56575","sha512":"31f2acf0d311d45a40693e4519a95964dbbbedc20c06bafa5cd8604163fa2098dc6f0db21bd964a3d484707d37a9e8db453b6795be565143cb29bd6df5672c60","ssdeep":"96:jZpgwqD/jj3e3g8dSN8pQy4Z4ipDpJE+Ae84aznpoHrE84eYf/uzbUJ3jptoZm7j:jZpgwqD/jre3RS0Qy4n1Js4azpu4eYfT","tlshash":"4eb1318ba1e32021167b2577aabf02587e7301071c05ed007a5ca7d16ff0a7a67a6f7d","size":5531,"data":"","first_seen":"2026-01-03T18:27:11.795757Z","last_seen":"2026-01-20T18:45:44.852793Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/js/loan_servicing_js/jquery-ui.min-1.11.2.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6e605aa6b2d85fcd95a1e8a44f08301","sha1":"a4f5f14b57bb27207f0ad780f9e615257f2f9e32","sha256":"b99cb3f5a0978988ae8d179c872a10ef306036cf74189a0cd6f7821e26b1df3c","sha512":"3ce077a7e979b0e1da0972e2ca769db764ad27a251c77200eed6a85735fc9be81e8580bc242f80714b53db9799ab4cb6b4e888b27d901d25e663422b096b110e","ssdeep":"3072:PmDzSUNSDVqVIhPUKYI7qSDzOyA1kRsSBCQ0+SuGC:LUCVJpYIBNCQ0Xuh","tlshash":"9b34084db2413a3661ebe265103b2a0fa237555ca605805cb43ccede9e7de0531bbf7a","size":239576,"data":"","first_seen":"2023-03-07T18:00:30Z","last_seen":"2026-04-08T12:13:15.901741Z","times_seen":1191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/js/loan_servicing_js/loan_servicing_1.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"963cb179cb6cf5a133d74a22d7c3279a","sha1":"b79c78275a273556db08f33c182f36b7969f211b","sha256":"a0a878731ad6b51cc08ccd37ccdd352083eff0539c3f8c311c45aad31831e5a2","sha512":"9322d93c0c3b0757578ec36c3d0b8b4f05b66233df9d4b5ec1f82fbad202e774af254bb655904fac73f2cf01751fa1febe25c2a30f5dacfdf38a8e6ec9e31f14","ssdeep":"","tlshash":"11e0bf8a908a34424ab21185d7ff0cb5ee9245172cdccf4822f0a7aa1ce2f5861c596d","size":332,"data":"","first_seen":"2026-01-03T18:27:11.739792Z","last_seen":"2026-01-20T18:45:44.860764Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/security/login","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"08ea74c87bdf0ff510d9356e8ba7e138","sha1":"c87c5b3e793e45df84bcd822a35b44d5e89bdf59","sha256":"255cb7a64a335d90a8df92af86bc104c7d64f27c10df494ba2354d57d42a2b95","sha512":"ee13a07aa09215c6ef51aab580251e39e931058565377d032f7e9892f85aa18c5fd03ef19dd7c6f786aeec4952e1e7fddb1c60c591ba19eb7ecfcc5fc593a788","ssdeep":"","tlshash":"38216b0e7de750125aa3a078c77f56443271d203200ddd407e1f55e19f2967a72b3bad","size":1401,"data":"","first_seen":"2026-01-03T18:27:11.801Z","last_seen":"2026-01-20T18:45:44.867013Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/js/global_js/global_framework_1.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f3612d100a3a70a90a69d745678c7c3a","sha1":"3014ac42c5b96d0fbba45fe5c4be5d220a0a9c81","sha256":"d7bee691f132b874e0bd1ea50e987de7bdf85fd31853521118b044ffe7467d90","sha512":"e44e7f1e4a5cdf0b51d94525a9a342aa9c024ccfce094401a090a12a92f5749f9cef5b79c3f67152d7cec03b2f109958d5f560f32dd8868c0752c3a1d8e363b3","ssdeep":"12288:Iwe4PdNqldFcBy4R3oFyru5nM80ivKdqrZ/6CS+mX5KLLH1TF6u9BMg4aKWLyv6o:Iwe4PdNqldFcBy4R3oFyru5nM80iMqra","tlshash":"e9e4b54936e221398617f07a9fafa509b335946b5204d80c790d93e86f5483887faffd","size":717768,"data":"","first_seen":"2026-01-03T18:27:11.746982Z","last_seen":"2026-01-20T18:45:44.858762Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/css/katabat_css/core/katabat_core_1.css","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/css/katabat_css/core/katabat_core_1.css HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 4887\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!9oi37EWXyLPzzZEPyPW4PRZP2I0Elx5I9eTHjbdwUpmVUDYBe4VZRzNDaVLve43Gt7r5CFbcUYzjBaI=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]}],"data":{"size":28340,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"c794e6c67a32b017f4eccefc86d1d808","sha1":"5e8ef00083154e8b99a0a054381db759a9c1e708","sha256":"c61028b2a038244e077efbde2489cf7cbfdcd8f739c939a7b835b8b2a8f108c8","sha512":"bb0d4760bbfbb83b9820039dc4d13b18e18743a7a17f3a369640dab049b58ba21c80a66c0e9f675c9706d57e755b8f68e7945859117b5d103296208edad9e7d1","ssdeep":"384:qm8/+y7lgWR4uc6Ssop7+mn+Zn7XNShM03tDhuQuIu+AaNB/yxrPVVDzI5z/mS/0:qOy7hODhAaNBCL3I5z/rCdaNK17B","tlshash":"bbd23243efe7294430259049effbf5a8371c5487d50e8ae87a5cf185ef486d38872a4a","first_seen":"2026-01-03T18:27:11.725331Z","last_seen":"2026-01-20T18:45:44.832179Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1124,"timings":{"blocked":479,"dns":0,"connect":157,"send":0,"wait":162,"receive":0,"ssl":325},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/scripts/jquery-3.5.1.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/scripts/jquery-3.5.1.js HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: application/x-javascript;charset=UTF-8\r\nContent-Length: 84805\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!UHxd6Ma+iWxudMIPyPW4PRZP2I0ElyGrm5U5XfWu7hcgqUGcahSuOrRzrx6+Xt8hz3tnohNBbjSczvM=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]}],"data":{"size":287630,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"23c7c5d2d1317508e807a6c7f777d6ed","sha1":"ad16c4a132ad2a03b4951185fed46d55397b5e88","sha256":"416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37","sha512":"58d2f17cfffc71560bf6c8fc267a7a7add0192e6cb3f7d638531bdbe12ff179b84666839c04ccaa17a75909b25ccf416c0f4f57b23224b194a0a0cc72ce4ce4d","ssdeep":"6144:pJChNVls+TCtlFhTzeKR7cYmD2zK8EAbEtPx+WI+Y7cFyW48L/dyVxNaIPfytrAP:xf7cYmD43APx+WI+Y7cFyMyDTPfCAeuH","tlshash":"2354a4d9f78d112e423231aaac2f12cdb77cd171560458aebd4d597c24a083d83baf7a","first_seen":"2023-03-07T01:03:32Z","last_seen":"2026-04-09T13:15:16.694721Z","times_seen":7933,"resource_available":true,"data":null}},"time_used":675,"timings":{"blocked":337,"dns":0,"connect":0,"send":0,"wait":183,"receive":155,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/js/loan_servicing_js/jquery-ui.min-1.11.2.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/js/loan_servicing_js/jquery-ui.min-1.11.2.js HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: application/x-javascript;charset=UTF-8\r\nContent-Length: 64480\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!VEVV07I05xJ2PLEPyPW4PRZP2I0El3WIDcRX0PFt7zUMX9+9ceFcn6PrMdAHgKnVk5Jm3vFeMww0BQk=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]}],"data":{"size":239576,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32157), with CRLF line terminators","md5":"d6e605aa6b2d85fcd95a1e8a44f08301","sha1":"a4f5f14b57bb27207f0ad780f9e615257f2f9e32","sha256":"b99cb3f5a0978988ae8d179c872a10ef306036cf74189a0cd6f7821e26b1df3c","sha512":"3ce077a7e979b0e1da0972e2ca769db764ad27a251c77200eed6a85735fc9be81e8580bc242f80714b53db9799ab4cb6b4e888b27d901d25e663422b096b110e","ssdeep":"3072:PmDzSUNSDVqVIhPUKYI7qSDzOyA1kRsSBCQ0+SuGC:LUCVJpYIBNCQ0Xuh","tlshash":"9b34084db2413a3661ebe265103b2a0fa237555ca605805cb43ccede9e7de0531bbf7a","first_seen":"2023-03-07T18:00:30Z","last_seen":"2026-04-08T12:13:15.901741Z","times_seen":1191,"resource_available":true,"data":null}},"time_used":1136,"timings":{"blocked":651,"dns":0,"connect":0,"send":0,"wait":172,"receive":313,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/fonts/helvetica_neue/roman/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/fonts/helvetica_neue/roman/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/.theme/theme_kbu/css/global_css/default_styles_1.css\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QVcf5alpRLPLZyYPyPW4PRZP2I0El1eBBx6SRPgqN3q9sVQqMrfKCHzAUP/ekibr5qyQRm8ZV4/oNxI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered\r\nContent-Type: application/x-font-woff;charset=UTF-8\r\nContent-Length: 16108\r\nDate: Sat, 03 Jan 2026 18:26:48 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!oxKnHXvOXzMP/M0PyPW4PRZP2I0El68lA/rteFaRBkCYWcRakaCKbxFHVgB8BeK8YhIojR54eVwp5P0=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]}],"data":{"size":16108,"size_decoded":0,"mime_type":"application/x-font-woff; charset=UTF-8","magic":"Web Open Font Format, TrueType, length 16108, version 0.0","md5":"47b39d054a4241e4ccd868d4005e4492","sha1":"4db4aaa555604ad19c1d2eb4032af8681a2ee2d8","sha256":"43bbfdd5b050730da3162f0a7bb3fd4a0630bb5c85e5227df299824ce6efdfa4","sha512":"13d66521d91b05b96ebe79f243102dfc7848047970ceeb5833cc56e1c190489a2ac8de5c4c423d249ee2c89d5e3a84eb34acb1ffa466b24f3e033289d175630d","ssdeep":"384:bJUA0636JQUm7K8OiMFTahHqFjIazIrEjOq3sD0wUUp:F8DTahe0acrEjOsi0w","tlshash":"cd72e1abcefe0ed3f252eaba4a444c6c41f9b2bca254ccb4c409068e5bc41d65067c29","first_seen":"2023-05-12T13:37:44Z","last_seen":"2026-01-20T18:45:44.830353Z","times_seen":63,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/favicon.ico","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:48.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/favicon.ico HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!fPxDTUs+fGlTd6gPyPW4PRZP2I0El2VwQo8I7bbjo4R3MEivgBIiLe/B8iN7OL1i7eS6gPifF7d1pvE=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered\r\nContent-Type: image/x-icon;charset=UTF-8\r\nContent-Length: 661\r\nDate: Sat, 03 Jan 2026 18:26:48 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!vMS9a+Gzoi9t+GAPyPW4PRZP2I0El6iES1usrjMDPTuVFrzO4BXqRx1qU6G9mZ63Zs5hLRmBd3FeDOo=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":661,"size_decoded":0,"mime_type":"image/x-icon; charset=UTF-8","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"ea4b275c774e8170ed54751d39a6adbf","sha1":"c4fda6c23491accd170362ab21108d8ae31a647f","sha256":"735143f90a8c225ffe4c0a853b25f2068510d81f8f6a82db79db00233ccc4b58","sha512":"3bb85c34e3472a0c20dfc06f13c51782e2e8691b75596761517e9bad3452b23331a0c289015ab27a11742216c5e733f35bf7b6204f80405bef363d6c7d1fc203","ssdeep":"","tlshash":"710123c2edb588ee8c971a220f030b41e9b5b82113c6045b9e0cea148804da228d1bc6","first_seen":"2023-06-07T06:57:23Z","last_seen":"2026-01-20T18:45:44.831333Z","times_seen":49,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/css/client.css","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/css/client.css HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 674\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!X8EUy/hPzzL1HtwPyPW4PRZP2I0El3NqvfI6Mj19Gp7Fxj/r8fKMsNvaS6FJbZycHTowK0dTTVqd5wM=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1973,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"assembler source, ASCII text","md5":"e8dd07831afcc96715d43c2b4bd2ea12","sha1":"ac5ab634fd7ee646f3874ebca05df9f08c0d5092","sha256":"8e41536d0f752b19d738cd03418c2f74d631c63e49dbf25b1b6fbe7b9136b580","sha512":"20174d1b2212729829d04713c2554a41a3278229876f74dcdad56be1307dacd46fa6332f8fe5a117b2ce37e433de92d158773b05180c0362c979ca40efd350c6","ssdeep":"","tlshash":"7f412153ddf226855817562c5fdfb60423189127d60dda98be0cd14cafcc462a4b2ba0","first_seen":"2026-01-03T18:27:11.737954Z","last_seen":"2026-01-20T18:45:44.834452Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1138,"timings":{"blocked":480,"dns":0,"connect":158,"send":0,"wait":173,"receive":0,"ssl":325},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/js/loan_servicing_js/loan_servicing_1.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/js/loan_servicing_js/loan_servicing_1.js HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: application/x-javascript;charset=UTF-8\r\nContent-Length: 187\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!HVqZ0ddjXQH+eBAPyPW4PRZP2I0El2cTK7pFl775c6U7VeFL+3glCqXC5PpfnmgXf5OG/yiZ9zJ7eL0=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]}],"data":{"size":332,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"ASCII text, with CRLF line terminators","md5":"963cb179cb6cf5a133d74a22d7c3279a","sha1":"b79c78275a273556db08f33c182f36b7969f211b","sha256":"a0a878731ad6b51cc08ccd37ccdd352083eff0539c3f8c311c45aad31831e5a2","sha512":"9322d93c0c3b0757578ec36c3d0b8b4f05b66233df9d4b5ec1f82fbad202e774af254bb655904fac73f2cf01751fa1febe25c2a30f5dacfdf38a8e6ec9e31f14","ssdeep":"","tlshash":"11e0bf8a908a34424ab21185d7ff0cb5ee9245172cdccf4822f0a7aa1ce2f5861c596d","first_seen":"2026-01-03T18:27:11.739792Z","last_seen":"2026-01-20T18:45:44.860764Z","times_seen":2,"resource_available":true,"data":null}},"time_used":802,"timings":{"blocked":641,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/images/logo/logo.jpg","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/images/logo/logo.jpg HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered\r\nContent-Type: image/jpeg;charset=UTF-8\r\nContent-Length: 9963\r\nDate: Sat, 03 Jan 2026 18:26:48 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!inN1t7XVAWYpBWoPyPW4PRZP2I0El8GKFgJpMueoiTWCMXnGC7aXwt5mjdTqYbwaWrLUQwTwRZYv5dw=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9963,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"PNG image data, 790 x 138, 8-bit/color RGBA, non-interlaced","md5":"50a2d9cdb4165b30782829b6f6c6030a","sha1":"21fa9275e526937634c142e6860111ac0334fd01","sha256":"f528e191b08742b90f368e6e020a95b66b08dac37d5d663faae4e2e2899ac63e","sha512":"b0d2fc4df494e6febe332ad0c7157bf68f057127b16a70bf3a0a38ef8bf3c4529fb1747bcac85fcc8141a6201d7bccc2d96b24fe7745b1d1fcd3104652c8e51e","ssdeep":"192:CXoLPwNuYnUd9QraOJqhlgqz3E5WLIi8Xac87WuZ70BEqzoF9mV3QA:CXRLw9QrJ8zLOKc8SWwH+90gA","tlshash":"ce229e9bdfe3d4ccef757c9d079d2a859ae48831113d945a89ebe44e980bd3424dc170","first_seen":"2026-01-03T18:27:11.741669Z","last_seen":"2026-01-20T18:45:44.850662Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1002,"timings":{"blocked":803,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/js/global_js/global_framework_1.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/js/global_js/global_framework_1.js HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: application/x-javascript;charset=UTF-8\r\nContent-Length: 169228\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!H6zPZ5IDRGwjMdMPyPW4PRZP2I0El8Wx6enskvNIND82fG3EdhQtYWvCS3XBn9mjV4DzjZZ3gnp6Of4=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":717768,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"f3612d100a3a70a90a69d745678c7c3a","sha1":"3014ac42c5b96d0fbba45fe5c4be5d220a0a9c81","sha256":"d7bee691f132b874e0bd1ea50e987de7bdf85fd31853521118b044ffe7467d90","sha512":"e44e7f1e4a5cdf0b51d94525a9a342aa9c024ccfce094401a090a12a92f5749f9cef5b79c3f67152d7cec03b2f109958d5f560f32dd8868c0752c3a1d8e363b3","ssdeep":"12288:Iwe4PdNqldFcBy4R3oFyru5nM80ivKdqrZ/6CS+mX5KLLH1TF6u9BMg4aKWLyv6o:Iwe4PdNqldFcBy4R3oFyru5nM80iMqra","tlshash":"e9e4b54936e221398617f07a9fafa509b335946b5204d80c790d93e86f5483887faffd","first_seen":"2026-01-03T18:27:11.746982Z","last_seen":"2026-01-20T18:45:44.858762Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1317,"timings":{"blocked":641,"dns":0,"connect":0,"send":0,"wait":206,"receive":470,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/security/login","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T18:26:46.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /security/login HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!o5M9wjLa9+ke5UAPyPW4PRZP2I0El1Oq7aRdLSKEXyAl1Zrwp5qNPViVCpXl2XXMfx/9dfRTI3mpUvY=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered\r\nSet-Cookie: login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; Max-Age=1200; Expires=Sat, 03 Jan 2026 18:46:46 GMT; Path=/; Secure; HttpOnly\ncom.cmc.web.SelectedLanguage=en_US; Max-Age=1576800000; Expires=Sun, 22 Dec 2075 18:26:46 GMT; Path=/; Secure; HttpOnly\nBIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\nSessionTimeout: Y\r\nCache-Control: no-cache, no-store, must-revalidate, max-age=0\r\nPragma: no-cache\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'none'\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Language: en\r\nContent-Length: 6146\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]}],"data":{"size":50604,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"879e765b82cd3a82e109f62879fb5fae","sha1":"42dc4ffb8336d1254e1b0d08122e560607594f67","sha256":"d9cb6ec747b5de2144bcde26b77ba66f8b236b6c3135873147f2ce84537acbfe","sha512":"88756146edf5c67d8e5fee4e230608c76e663d2dfe3e29011c5a67480a8ac3a120a6308bca433281570a28a782c2447f7f9f0e1ebac98b2b421da5df93278c70","ssdeep":"384:DIgPQKVa8PARauMxVRQx0zEzn17P/bZR6/g:rfZARVKVRzEzn17P/bZR6/g","tlshash":"9433da11acf2ec6714ef04e169b9a909adb5c307825d2454f2dc5be25fe3de8c637284","first_seen":"2026-01-03T18:27:11.773862Z","last_seen":"2026-01-03T18:27:11.773862Z","times_seen":1,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/css/global_css/default_styles_1.css","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/css/global_css/default_styles_1.css HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 8937\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!7GN/vm/dw//KcI4PyPW4PRZP2I0Elynmsr3w+Vwy7m/vGpSn3XnGyN1MspVkCSJkk5Ut2d+qJ/4tquU=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45990,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (312)","md5":"32acca7fc4f561840ceea10660ba58e7","sha1":"55d77fac98e8b2773910f4c69c7d92e715a254d1","sha256":"93fb95d2482c77c339546218c3c2c3a3b4831e834641e6d93440381e8ecdc8bf","sha512":"e24ed206e151d987a4b8358b9c972e606b0b4f7ae46d6bcf688dd38b38f1efeb1662f4db2ced3ab1d4026a122396929abbd509ae271a100b36297d0c1cddccef","ssdeep":"768:4G6lH4FEN8nWZ3sNjWT16/ou2I/6ATKvHgOgTBbgnv1whLY:4cCBxsNjWxMou2IxT0AOgdbU1CLY","tlshash":"c42306acd5bf18804391e4c1238f6264bb2db66f9d496c5cf286ba9cafc1255c1c27cd","first_seen":"2026-01-03T18:27:11.778972Z","last_seen":"2026-01-20T18:45:44.845222Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1131,"timings":{"blocked":483,"dns":0,"connect":157,"send":0,"wait":162,"receive":0,"ssl":328},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/css/katabat_core_2_css/katabat_core_2.css","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/css/katabat_core_2_css/katabat_core_2.css HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 1268\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!rvMB4gK4SI0L8VAPyPW4PRZP2I0ElzzQ0iYYnmNE2pOLnFJm9irNrs325EcCjTUaIjU/0Sf6+QLr4mQ=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]}],"data":{"size":4788,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"11109f42b3b6a455666ff3194d0089ea","sha1":"f0d50decdc8e2fc59b40a371c2b22d6151fd49c9","sha256":"dc5c77eb23f2d9c74bea34572ae996f23aa293b938c5b37d731c354650c8ba12","sha512":"3156dd6351be864190bc28d23fbe920dbbcd9600095452ce5deeb6ffb06c2048ad31d40afd20ab54bd2a08834cf7a10b2c8163f372b6c219028341c8c5c34ecb","ssdeep":"96:VmAkrEPKJ5vGFyhtFIY0goEv4oEA4oEjAnOtO4oELPOgoEVlDGhO4oEqrO4oEcRA:V5yECJ5vGFyhtFIsKPGipLPXV2pqrpcq","tlshash":"a7a1fe43bec72684165155046afeb364371e82039a2eacd4ba4cf290ef867f3cd31616","first_seen":"2026-01-03T18:27:11.782314Z","last_seen":"2026-01-20T18:45:44.847513Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1132,"timings":{"blocked":485,"dns":0,"connect":157,"send":0,"wait":158,"receive":0,"ssl":330},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/css/jquery-ui.css","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/css/jquery-ui.css HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 8348\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!qXBKODLxnudvmbkPyPW4PRZP2I0ElxWKmGBkbeqrcCvwPYqiB1Jq0fD210pccqH/N31oP/pb1/p01UY=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]}],"data":{"size":36868,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (2366)","md5":"6c275e78e1e108cc91af38458f98faa2","sha1":"10290caaeb4c9e28b7ac2a2e1a6f43ab2109c26b","sha256":"7e68c3647f2a39d292edf4df0982ee7b6c4e579437bc3936f029e03e6cb58310","sha512":"260b3f2842fecff36d6d3fb63f69eaf8b6c74264628e1df8c11521a5b0086a8b7ac7d53ba6c581f95b409d1ab3165d8e88c2da1a06a4b2749ee5fedab809dd57","ssdeep":"384:kNAiHjCIox1e6T8OfUfs5Y6qzS258Lbf9Wt:8ASjCNrfUf3zS2yLbfC","tlshash":"faf20c315f532909ba4bc16022a51bf3e33a1343ed5bad3e759a2188dfd55a0c0af6b4","first_seen":"2026-01-03T18:27:11.784616Z","last_seen":"2026-01-20T18:45:44.856805Z","times_seen":2,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":168,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/css/login.css","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/css/login.css HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 1214\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!kJ4Mkfcci3RFpEAPyPW4PRZP2I0El7mZAn12Zzw+YZrNZ9O7azq1JVbQnllDodoxdhbA/AQuqrYo7PI=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4498,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"00265d6db625a6aa1f1bb4af9c1cf718","sha1":"a5492463085705d7e82b43329d326124ede67ffb","sha256":"83578f2d885c2bbb947a5dfcb065a29bed53ce51ebf382c15e5ab64c7f7a6a5d","sha512":"3f0d30a6655957f7301772c0a540a5274cb2712253c3e98e1986514b8a3d6c5a3bafa486376506daa3e25e6d08200dd27b907c132ca9a5d091625f9a68ecbe9b","ssdeep":"96:sth+y1nQPZ8wXVDSwPjTF0ocbaOBkH07QA:oReOwlDSwPjTF0ocWqkHy","tlshash":"c8917b5367ab3902b00ed4387bae5a562f1d8003630ade7c7b7c2358df461964a61fb9","first_seen":"2026-01-03T18:27:11.788598Z","last_seen":"2026-01-20T18:45:44.836602Z","times_seen":2,"resource_available":false,"data":null}},"time_used":803,"timings":{"blocked":639,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/fonts/helvetica_neue/bold/0552ce48-950c-471f-b843-1afac814d259.woff","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/fonts/helvetica_neue/bold/0552ce48-950c-471f-b843-1afac814d259.woff HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/.theme/theme_kbu/css/global_css/default_styles_1.css\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QVcf5alpRLPLZyYPyPW4PRZP2I0El1eBBx6SRPgqN3q9sVQqMrfKCHzAUP/ekibr5qyQRm8ZV4/oNxI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered\r\nContent-Type: application/x-font-woff;charset=UTF-8\r\nContent-Length: 22404\r\nDate: Sat, 03 Jan 2026 18:26:48 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!fPxDTUs+fGlTd6gPyPW4PRZP2I0El2VwQo8I7bbjo4R3MEivgBIiLe/B8iN7OL1i7eS6gPifF7d1pvE=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":22404,"size_decoded":0,"mime_type":"application/x-font-woff; charset=UTF-8","magic":"Web Open Font Format, TrueType, length 22404, version 0.0","md5":"4e7b011aaa22762ac2e776ea7cd7ef01","sha1":"7f8e08152cbb540f9b2efd9bd6799948155e3600","sha256":"a269939cfb4cf61f30a867d53d89e96698826070e0beb418bc0c267044be73ae","sha512":"9d55d1875c4bb91dee172c722df04f7fd25f7ac1d836a29214b583e8f8d08e80b97e9bd1444170aa8f16c8d17cd550df6602664ffebcae5a502b2afc878fd875","ssdeep":"384:SmTwGinuxz9OrIe2R2A11ugGlxJ6npCYKPhXA2k5vTKbO:SwXxYC11ugkv6pCvXvGvTKK","tlshash":"eaa2e069cc093975d8d6f1f8da44502fc8508288784bfc9ac9e5903d976bf6d12e7cb8","first_seen":"2023-05-12T13:37:44Z","last_seen":"2026-01-20T18:45:44.86464Z","times_seen":62,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":185,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/css/global_css/global_framework_1.css","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/css/global_css/global_framework_1.css HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 10294\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!jgVISN3Q9PPJnF4PyPW4PRZP2I0El3L7Q2ORB4CUsDudTAK7XVK0sJ/Fc1lg7rTXw6jaefNHfzo6msE=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77002,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (421)","md5":"97556a69cfafeefb5dd5af550270feba","sha1":"5c0519a6393c7e71c336a93a488ee2dab7cde435","sha256":"f7458c13de7fb80b51468c4d2792c163e62566e02ef92c92aa871309e98a9178","sha512":"458b609c35a772f060d155ffdfb18b36af746fd49b5678b1ee2b90ca6fc097d0e0b66ce94db6414d9328999a40a9647f905e8359a5d12a86d5df2b34a8a19063","ssdeep":"768:wINGlvUV/5BQlpzvNJwPI8Oxfb85v0usO/51D5yqXIFkYIrCyzP5RU+x2iQEAyqv:TYaV/OKbRU+xdQXZv","tlshash":"7e7301472fd5214966a260099eea665d232e8743a71eccf07d0cf185ef843d78cb2bd5","first_seen":"2026-01-03T18:27:11.792138Z","last_seen":"2026-01-20T18:45:44.84221Z","times_seen":2,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/css/cmc.css","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/css/cmc.css HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 1489\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!KZFT1k8MPxwGLj8PyPW4PRZP2I0El8sQT1xnYNp1NbfI25LRNMyoti8u0WYVfOSC3JaJrtgnanT+F5Q=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":5086,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"assembler source, Unicode text, UTF-8 text","md5":"e3b731f290369cd7d7df8dab8fe784ae","sha1":"f0d762d7c447d5c65c55fdf8fc3a49ec727e53b3","sha256":"8a6f3b198b8be64258496da4ffe9ca4fb96c42dd075be6ec9f5bfeb9bf52136b","sha512":"93ba245b9ecdeb69ab322d730c2a8b2852ba2714ecb4b9592d4f97831086befb1e638518e8f4a27c661ea7352fd791d9655d5ddd617626894c90e76e1eed1f0f","ssdeep":"96:K4sjxWDKTiqpmcXWKPJM2tWDgKCx2UfLiXHum2MxCb4W7yD2R2oth:K4sj9TiqeWKCx2UfLiXHnIcW762R2oth","tlshash":"3aa17241d3fb2d4678d3d0b8ae3ad34217685053924ede343f4c2058df8e256a4b2f8a","first_seen":"2026-01-03T18:27:11.793951Z","last_seen":"2026-01-20T18:45:44.854863Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1126,"timings":{"blocked":479,"dns":0,"connect":158,"send":0,"wait":164,"receive":0,"ssl":323},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/favicon.ico","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:48.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/favicon.ico HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!fPxDTUs+fGlTd6gPyPW4PRZP2I0El2VwQo8I7bbjo4R3MEivgBIiLe/B8iN7OL1i7eS6gPifF7d1pvE=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered\r\nContent-Type: image/x-icon;charset=UTF-8\r\nContent-Length: 661\r\nDate: Sat, 03 Jan 2026 18:26:48 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!Mzfs417/OhwoI/sPyPW4PRZP2I0El015Q5wUnIMnAr2COTeHLJdy9zT7CQKq5l5mosi7cw3PTcXJ4Qc=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":661,"size_decoded":0,"mime_type":"image/x-icon; charset=UTF-8","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"ea4b275c774e8170ed54751d39a6adbf","sha1":"c4fda6c23491accd170362ab21108d8ae31a647f","sha256":"735143f90a8c225ffe4c0a853b25f2068510d81f8f6a82db79db00233ccc4b58","sha512":"3bb85c34e3472a0c20dfc06f13c51782e2e8691b75596761517e9bad3452b23331a0c289015ab27a11742216c5e733f35bf7b6204f80405bef363d6c7d1fc203","ssdeep":"","tlshash":"710123c2edb588ee8c971a220f030b41e9b5b82113c6045b9e0cea148804da228d1bc6","first_seen":"2023-06-07T06:57:23Z","last_seen":"2026-01-20T18:45:44.831333Z","times_seen":49,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/.theme/theme_kbu/js/katabat_js/core/katabat_core_1.js","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kbuuat.katabat.com/security/login","date":"2026-01-03T18:26:47.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET /.theme/theme_kbu/js/katabat_js/core/katabat_core_1.js HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kbuuat.katabat.com/security/login\r\nCookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; BIGipServerKBUUAT_site_pool=!QxTp3jA5TllN4nwPyPW4PRZP2I0Elx4f0G2WriKAB8Q6mF+ImPenS74W89YEEoloYDhlE2dNEibgqpI=; TS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; login_B043F64058321167_CSRFToken=HgjNxhdKQY8tsnsz9XO2xjLrJzhsH0XFzrioHR05Y_0; com.cmc.web.SelectedLanguage=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nX-Magnolia-Registration: Registered, Registered\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nContent-Type: application/x-javascript;charset=UTF-8\r\nContent-Length: 1835\r\nDate: Sat, 03 Jan 2026 18:26:47 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nSet-Cookie: BIGipServerKBUUAT_site_pool=!QVcf5alpRLPLZyYPyPW4PRZP2I0El1eBBx6SRPgqN3q9sVQqMrfKCHzAUP/ekibr5qyQRm8ZV4/oNxI=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Magnolia CMS","description":"Magnolia CMS is a Java-based, open-source content management system that employs a modular architecture and JCR (Java Content Repository) standards, facilitating the creation, storage, and retrieval of digital content within a customisable framework.","website":"https://www.magnolia-cms.com","common_platform_enumeration":"cpe:2.3:a:magnolia-cms:magnolia_cms:*:*:*:*:*:*:*:*","icon":"Magnolia CMS.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5531,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"d31f33ec5896cdc001141f5fe0919de9","sha1":"acda54d4aca91df1710cab66fcfaf0f9fa0105cf","sha256":"0ee61589cc8499d70bb927cb02e1bfff96d6bf6e7cc6172f58f8146d48b56575","sha512":"31f2acf0d311d45a40693e4519a95964dbbbedc20c06bafa5cd8604163fa2098dc6f0db21bd964a3d484707d37a9e8db453b6795be565143cb29bd6df5672c60","ssdeep":"96:jZpgwqD/jj3e3g8dSN8pQy4Z4ipDpJE+Ae84aznpoHrE84eYf/uzbUJ3jptoZm7j:jZpgwqD/jre3RS0Qy4n1Js4azpu4eYfT","tlshash":"4eb1318ba1e32021167b2577aabf02587e7301071c05ed007a5ca7d16ff0a7a67a6f7d","first_seen":"2026-01-03T18:27:11.795757Z","last_seen":"2026-01-20T18:45:44.852793Z","times_seen":2,"resource_available":true,"data":null}},"time_used":806,"timings":{"blocked":641,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kbuuat.katabat.com/","fqdn":"kbuuat.katabat.com","domain":"katabat.com","tld":"com"},"ip":{"addr":"162.220.107.224","port":443,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T18:26:46.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.katabat.com","organization":"Katabat, LLC."},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 26 Feb 2025 00:00:00 GMT","end":"Sun, 29 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:8C:DB:52:68:DB:F6:9A:06:AB:AB:14:E6:47:1E:23:84:A6:81:C2","sha256":"76:CA:70:37:95:60:AE:47:2E:4D:2D:FB:74:46:F1:B1:20:7E:4F:96:0D:BD:05:18:BD:4F:C0:82:59:DD:4C:76"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kbuuat.katabat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 \r\nCache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'none'\r\nLocation: https://kbuuat.katabat.com/security/login\r\nContent-Length: 0\r\nDate: Sat, 03 Jan 2026 18:26:46 GMT\r\nKeep-Alive: timeout=60\r\nConnection: keep-alive\r\nSet-Cookie: JSESSIONID=9EB41C943D1A2BB3767F4DCFABA8850A; Path=/; Secure; HttpOnly\nBIGipServerKBUUAT_site_pool=!o5M9wjLa9+ke5UAPyPW4PRZP2I0El1Oq7aRdLSKEXyAl1Zrwp5qNPViVCpXl2XXMfx/9dfRTI3mpUvY=; path=/; Httponly; Secure\nTS0111fcde=012b912bbb235742370e623a3b1cee536118fd778b982471a26f60ef44f00f985c4d987241ab8aee6067ed7446282ddbd336e9d670; Path=/; Secure; HTTPOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":50604,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T14:28:37.844917Z","times_seen":13542679,"resource_available":true,"data":null}},"time_used":1184,"timings":{"blocked":509,"dns":0,"connect":169,"send":0,"wait":166,"receive":0,"ssl":339},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kbuuat.katabat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}