{"report_id":"1243e433-0c84-49c6-b80f-3cf90a5d840f","version":6,"status":"done","tags":[],"date":"2026-02-08T06:09:54Z","url":{"schema":"http","addr":"mj67vro.sxmhwjh.com/?6877550.html?xinghua4dpdkcl620044","fqdn":"mj67vro.sxmhwjh.com","domain":"sxmhwjh.com","tld":"com"},"ip":{"addr":"198.2.207.81","port":0,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.yjedsgnx.com/register","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"title":"尊龙凯时 - 人生就是搏！","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mj67vro.sxmhwjh.com/?6877550.html?xinghua4dpdkcl620044","fqdn":"mj67vro.sxmhwjh.com","domain":"sxmhwjh.com","tld":"com"},"ip":{"addr":"198.2.207.81","port":0,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-15T06:09:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"awscloud.servicefu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"ips2.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.yjedsgnx.com","ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"domain_registered":"2025-12-04","domain_rank":0,"first_seen":"2025-12-26T09:45:25.240844Z","last_seen":"2026-02-07T05:05:46.154193Z","alert_count":42,"request_count":21,"received_data":90687,"sent_data":21066,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"344a78img.a0008a.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-04-03","domain_rank":0,"first_seen":"2025-07-30T04:41:26.918474Z","last_seen":"2026-02-05T00:04:06.13883Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":487,"comment":"","tags":null,"fingerprints":null},{"fqdn":"awscloud.servicefu.com","ip":{"addr":"38.150.72.244","port":443,"asn":142267,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"domain_registered":"2022-11-17","domain_rank":0,"first_seen":"2025-07-30T04:41:26.912534Z","last_seen":"2026-02-05T16:06:18.972229Z","alert_count":1,"request_count":1,"received_data":384,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-02-01T22:20:39.584991Z","alert_count":0,"request_count":1,"received_data":441413,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ips2.io","ip":{"addr":"154.64.201.199","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Japan","country_code":"JP"},"domain_registered":"2020-12-09","domain_rank":1673908,"first_seen":"2020-12-15T05:28:49Z","last_seen":"2026-02-06T06:58:46.922036Z","alert_count":1,"request_count":1,"received_data":194,"sent_data":589,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.25.3.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"mj67vro.sxmhwjh.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-03-11","domain_rank":0,"first_seen":"2026-02-08T06:09:58.076575Z","last_seen":"2026-02-08T06:09:58.076575Z","alert_count":0,"request_count":2,"received_data":41232,"sent_data":960,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.8.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"3s.hqvai.com","ip":{"addr":"38.182.202.2","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"domain_registered":"2023-07-06","domain_rank":0,"first_seen":"2025-04-11T05:52:01.877221Z","last_seen":"2026-02-05T14:33:15.354706Z","alert_count":0,"request_count":1,"received_data":129,"sent_data":543,"comment":"","tags":null,"fingerprints":null},{"fqdn":"best34478-go66.kwarmirtile.com","ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"domain_registered":"2022-11-21","domain_rank":0,"first_seen":"2025-07-30T04:41:26.908502Z","last_seen":"2026-02-05T14:33:15.218792Z","alert_count":71,"request_count":71,"received_data":4162617,"sent_data":36429,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-a9c7c5c2.13f6887d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"840fcfac4787230525796bb8d2a1b0a0","sha1":"2725a9c5bfb86bd2bcce36ff1795f2b0e6ca04f2","sha256":"012967ed7ffa710ca13c29f6a5a8cdf387117a649ef4da2fa457edb6f7a6d3e6","sha512":"dff797a96127b4db4901396c99ebab3c6fcac68e0d04e35fef82ccdbe188f73559fdc9c92d2dff13abab73fbc8d8dba28952822240f1ac237114836164e0734c","ssdeep":"192:ELSBzM03RDZG2PB1BxVTHKnA3NgpckeXtXgpY7zREgtk4EC1H1BxU:E4M0hDZR7bdustw14XVM","tlshash":"6a42d86cb186f172cdbbb2e3684f1595e3a61a4c480484cdb970eec65dd8e44632af3d","size":12890,"data":"","first_seen":"2025-12-12T04:38:56.876673Z","last_seen":"2026-03-05T02:04:20.456908Z","times_seen":5369,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-3b31b386.1dd351e6.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9bb9c28a2ea36dacc29bb61343ce1340","sha1":"a37792a198d20d23480bf744eafde7c3a31d3766","sha256":"0f7518d25f36e799f5d4364c4712cece7f372d5a46e0842efb5966656391d214","sha512":"bbd51e240e9c38df83012fd2d1fed3052c678474967d6cc02f255e96f805cbb5256147919ac5302171cf660347581e952f62d2aa9b04bdf2dd2bb1300bfe1e0c","ssdeep":"384:JGaZPEJE2DaFsEszsyD9fxEb1zOqxCTAcp+SeFmuVPV1VX/vL0gHPp9bvEdnWak2:JGwPE6k7YNVTtjNakn2","tlshash":"c2c2b69cb1daf0860fb260b054bf5107f27a6d98a80994c1b970e4c17db4e96a372f7d","size":26895,"data":"","first_seen":"2025-12-12T04:38:56.896059Z","last_seen":"2026-04-03T20:42:58.809574Z","times_seen":6311,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-8FRE3KY7VN","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e861d5a33d5f62c79cde684e94edee3a","sha1":"316beef70e7037bc3876dc6b2f2e441cff54fecf","sha256":"f141b096fd0e6e68b1fedde906c6faabf021d13771678324ff0b78a1d0520b88","sha512":"e193bfd1775e004f51d8fff96a68b8a46c062af6d07542697acfb44f916ae84b9bb5f57a89d9b59c658168ce965078aa28db39012df55cf6be8fc6e10aa18e11","ssdeep":"6144:lIbh3hDlzzfR681qbOqR51/48BjM3cp81Qj3AEFytI10KTB:Sbh3hDtz56nbD/48BzFy4B","tlshash":"1c9409de73c674225396f478502f018ba57b28a2f48cc89af189cce42d74a9a4177f7d","size":440809,"data":"","first_seen":"2026-02-07T18:31:00.141329Z","last_seen":"2026-02-08T07:13:06.42589Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-24dd02d3.714d06f2.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c5d4db2eb8bce648ef88c2d779142d8","sha1":"83d3c793ca0a7b4422ad14aa7c6ebebb6aef6263","sha256":"0a8d3ea31265201d3822648c6ef2d38287663a83ce22e9030d00a2c4918fba86","sha512":"78e58239c9b0b731eacc7cb1d28879bfe37cec97cd0770e0e63482ecde1c8641b1d1d0978712ecd07b193986356384c57cbe311a6371a82d1d499df7e8ed7cb5","ssdeep":"","tlshash":"8651a6ac35d3f6765776b67de0271249b3996d95240e5d12eb18f8c2b300c1ae2323d5","size":3061,"data":"","first_seen":"2025-10-03T04:20:57.632354Z","last_seen":"2026-03-05T02:04:20.441783Z","times_seen":16191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/fingerprint.min.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb3a87af78d24452e4b4c94427e5444a","sha1":"f85a210257a5878a075d3cf55109233aae4639e8","sha256":"00c7520bc1f8deef83b091924e25f5cffe6a6d22965d95bc6b790695b785c5e7","sha512":"5b7bef606d230310bba22124ad98e772a5e9e762df99a7d69cfa5ebd2bf4f267ab0254d8b9533be147c7ccdf6e7c21a6400a9ad7ea6cf0a0f728e7f55364873e","ssdeep":"1536:NSCtfIkmxPDB+nQZPpasUiPXHJhiSfa+yee4yGqvBFcbrtgJFc1N:MCtfIF1aUPpasUiP3Jh2+yN4y1A6jwN","tlshash":"8393188571e77424039250e5052f040ab23ea96d745e90bdfa6dd8e2bcb5c8e523ff78","size":89655,"data":"","first_seen":"2023-06-01T06:54:23Z","last_seen":"2026-04-03T21:27:41.017542Z","times_seen":18657,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-vendors.cfb3c532.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"445ea964936a563cfe0771ae8f77dcbf","sha1":"ac1b426ab7bbdd41bce86294390584153435fcab","sha256":"eab638d91abb363871968ecfe88cc2c8d6570dc0e0b5edd1067c428cfa819a5b","sha512":"6d4c1391c3a21f342c56d871a65f548e5ec782497c29e4bd3f18fedd679d339a6564d6bbc48516520b2a6214ce8067f8d8eb44830f8c249da6c3257ef95f7e7b","ssdeep":"12288:/j4mKS8v4hvamsnbZx61RnsMT1bzHJkJ/evr:r9KVvUvOE3JTtJkJ/yr","tlshash":"aa450b84b7a5b02247ab35e4006f500ff27ab62d684b44acf269d4f5bcb894d553bf38","size":1178419,"data":"","first_seen":"2026-01-30T09:26:23.747374Z","last_seen":"2026-04-03T21:27:41.022562Z","times_seen":2966,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-218c9962.34976e74.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc1de173df03e26bfc6bd8fd052ed56f","sha1":"9745b1461cdc35b85abfeac7cb103707409e61db","sha256":"95ba2598a70e9252ec1aaaf789ab379b909562e1d6de3f015d7bc12492a9a48c","sha512":"4735b3b548a003d5d67c5c6399349a26ac815c61ecaf322ab469c0a512e83a800bf87a4263552f08a09821f1cf4f86b3d9291237c442799bdc09627f417099a9","ssdeep":"3072:pXVNfYSq8kyb46d9G4qQ/WmfH76LZL+kkIZJSB:pnfxkybDG4qQ/WmfH76LZL+kkI7SB","tlshash":"68d30889b31071a591e72256539e810263b35855b90ad0e431b6c8dbacbdd9c03ffffa","size":136351,"data":"","first_seen":"2023-03-07T12:21:20Z","last_seen":"2026-04-03T21:27:40.99113Z","times_seen":18457,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0f0692.d133ba28.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bdd0c7a665400d7d85f52220b49e2158","sha1":"181c07b03ec182a9ca7be4c7c1ce4aa340eccf24","sha256":"9a0bfde4cdac09bbd966cdf2f175686e833952339cc1117ea61aa7a0bd5d52e4","sha512":"73f146cf75df0c4553c35ccfba04f1faf010befb92a482d13e9c150610174693e63b9b9bae6c764874cc3e0b849ca1e1f122dc01857dd87af02d0c8cb364cf89","ssdeep":"48:lD/rF5jQ9VcKRlWdV1HwiTGWiC3DQVUbBubKDeAOnRenMERUuTFHMllxbXxK/ebM:Ro9VcCa5FYKJatULxkfNmb","tlshash":"d991e88db1c2f6940737a1b4c0bf219be77e2ce1784a96508e91b0e17e24165b773a1b","size":4218,"data":"","first_seen":"2025-02-20T10:16:23.066778Z","last_seen":"2026-04-03T21:27:41.010075Z","times_seen":18323,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-57cda438.f512d899.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8e0606efa56e48572d5dd7473c6043e","sha1":"ee928da7cea532f572842690068148748807df6c","sha256":"2c4e2e06df2c7d7e395bb7f7ae9d1fdfc96f6938225c68d02e948baaeab55133","sha512":"03beb204e4611ca4ae8e162daaa88ca09c0628720d3a1b7e3b3c68b734cbce97373955fed066ecfe628f310e8e521bb325ff97d13f55add216439bac5604f6b4","ssdeep":"192:bnE2JstMcPkbFp+O+lWYv+/hWFwEaOGAtkXfAnAqgQ7JehJ/M23nAzuQRRd:bnNJs+cCFp+OWT+ZWFwEaOrCEe5yuQzd","tlshash":"e7a2d1d936c0b066a3632a78413f391f70e29b51e94fce50be6bd2c0b96a0fd1257d49","size":21397,"data":"","first_seen":"2026-01-30T09:26:23.715514Z","last_seen":"2026-04-03T21:27:41.009586Z","times_seen":3354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-eec3e544.25d81121.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f99e0e684bb63ba5d1dc5a2ea2d4f3fa","sha1":"2945c842d62a62c42fd2402931ee0ec33cc8e724","sha256":"1d854d3bec673b518a944213ada4b99618b9a7dc1880792d4b64d33313b3e1bc","sha512":"634a68dcf047c3b029f83d08bb3a0190f5494f73950acf60e44fdc3765cfe14e54dfd30b6d431c8d8a14a06651d2b43ae1ef89af183e19af15ab7bbd322b2e33","ssdeep":"3072:VOofIjdeTPpQw0wPSgST+yj4yBtblc1Mq7j0a1QTt8VPnsooWC:VodjtblDk+","tlshash":"9004f889b6d2f4b50aa7a0e5002f1106f23a5e49b81ad099f774d8d1edb4c4e533bf78","size":184638,"data":"","first_seen":"2026-01-30T09:26:23.704555Z","last_seen":"2026-02-25T10:54:23.156215Z","times_seen":1704,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/js/news.js?0.07237406227628829","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"973741c799383e7ec2a1240f291b74f9","sha1":"5072708f9579918b1ac307a1cc32a5dccdb39cb4","sha256":"5dfa1a006dc84137e102aa9143f8ebce25ea3c47f77f6b7fea9387b7df73d492","sha512":"b3edc04151ecd5414e74bdc0071d14157f256d2df61570f28c5857fc346a08a129c216b7e95783f2d37ed7f93248c02584ac348840beb77423059f43fa32dd5f","ssdeep":"384:682v44a41FyDJLFY9BoHUCS9UZuA9n4/LpalQ:pxON2YA9n4DpZ","tlshash":"6e524b3b632dabde180906ea0b058018780c2faf58336b54fff395ad20ec9564b7596d","size":14008,"data":"","first_seen":"2025-10-07T13:03:07.37578Z","last_seen":"2026-04-03T20:42:58.816052Z","times_seen":16921,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/remove.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"94ed439cb8de35a91de9bdad32469b29","sha1":"ae3e44a863b6dfe4e1fc2a007cb12a6890e17a9a","sha256":"a65d0eebe0466b32a77d96350fa3d63983cbdb6d2cd7b7ae7bfc03222e7f5430","sha512":"6b9206d6203b2e75f4883c2bfc79cc7c0020855c5e7c68c84ca87d924feff1f10275178174f08d4a98e7ab908a5e024af483e08384c3c8b44210372ecc500fcd","ssdeep":"","tlshash":"0eb092ba3241c66556c62f72a426a20c7fe930136c0ad07053040471d420eda10f7edb","size":124,"data":"","first_seen":"2024-06-10T01:44:34Z","last_seen":"2026-04-03T20:42:58.849895Z","times_seen":13505,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-96005406.cdb85a82.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8439ebded5a4601039d488ec0800cb1","sha1":"03652fd8dc3e3e4ff222812c7dd50d789e64cee6","sha256":"d4cc9c1fa1bbb8d1d0d6df043c2d8f363978c63e9a33e9dae8e4fb9629a33a3a","sha512":"0979624238d5da3795041e0f7fd1e1c39c1b9e88f63aaea4856b1c3133086351cda07a96ebb99817b1626f90a1b3a3505f21c141e143e373ad12c6809a258baa","ssdeep":"192:bBLutXUqVvXco661Gik93nS7mhmpeWy5W5mYy055memwcBS+Z8bEMWB5p+/pSVi/:bBSltcokyv0Sw8bErpip7oIgDKjVd","tlshash":"2f9243cdb6cbf86003767170402fb106b67968807c4b9a49fa54e1e37e6046da276b7b","size":19857,"data":"","first_seen":"2025-12-12T04:38:56.826961Z","last_seen":"2026-04-03T20:42:58.808374Z","times_seen":6324,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-1ea0fc8a.6cd64c25.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f2eff9f9feee953951188dc524c11a8","sha1":"f65ce839e9025098e9b318b4859a2be14671883f","sha256":"55ebf7fb259672b24568ff6dd597bffba6eb226a46b8afe24e9a2d01609a5909","sha512":"09eec0c956fa38882b69cacb7962c8a076fceda97599d2ae31519fe60d4359cba674029692d79180a11cccf4d450a49f4ac64589517b59ee1b30f52d3ead89b6","ssdeep":"1536:kx4PNjoBpSRXs972UzIYFLIENqFLWo1S/YUqPnqTfTOXwnDFu267DaJpXvll2Ym2:kx4PNjoBkaSaFgF9MZXv5dEHtfg6twr","tlshash":"0ee3098cb286f4b94ab371a1203f2506f3721ec4a415e548b638d9c1ef95c6d536eb3e","size":150490,"data":"","first_seen":"2026-01-30T09:26:23.694142Z","last_seen":"2026-02-11T03:43:17.178183Z","times_seen":1022,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d22c4f1.58ef3486.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"166690ac780d03f8314a059f428a604c","sha1":"55242f5db60e06a61d4a798faa2bc14a94fa6277","sha256":"c2e827497b807a6b5ef6a5fd659b8890dde8ab13b04999aa2d6d9b6cfabdd9d5","sha512":"91ccad9b65336dfa6fd1e42529e0aac0d0e3d5fe7b4d339ffb2cd5e4a7905f1f2a5b645825aa30a56a7f3cadc782e95069b1d66c0b676e952885415cd2d9243c","ssdeep":"","tlshash":"52d02eae3041f420197ea5d410af33b6e2af34942ee914240ee0e4e03a618cc643164b","size":246,"data":"","first_seen":"2025-04-27T22:25:38.207325Z","last_seen":"2026-04-03T21:27:41.00024Z","times_seen":18246,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/app.159e195d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8fa34ff1e8fe43d32a9b99cd3d80f13","sha1":"e79353cd76b1452b93fb971811cc44901d641fce","sha256":"884dfe684651a87f7677f592aee0173c6765aa35e9fa1f8e4567d88ac650bb32","sha512":"98d1e14dde7a34ecce497f8924fe15a3d42433da4e70d25d421d04b7ba982b78bb57993f0edb8a3427f7b2fd9068c06be7a91925b42f711c04a22b62fc37e4d2","ssdeep":"6144:iy3JRa95QaQY197ewjWFnDv02DHAXIUn15HqAJrk:xEt19yFj02DVnL","tlshash":"e0e4e8ed75cbf199076335b2612fb642b1aa7c41742e8522f734dcc2f550988a333ea9","size":663920,"data":"","first_seen":"2026-02-06T02:02:05.841873Z","last_seen":"2026-02-11T03:43:17.181113Z","times_seen":492,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-143a7152.9f7819e6.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"861d5e59d4e707f685d217adb405a291","sha1":"4f56b83bde4d00b1085043d393f98aa2f49e1c03","sha256":"44fef1002101067f099d7053f4bbae0300d209461bacea49828d32646eb6d5c0","sha512":"26b963a07489f8b358488f0c35efc27f8cd16452554d57fa38e0b92e263a07981e60ca02fa1728b9e7c3465e96c12ae8661c8340ce582e41d9dd33966c96be80","ssdeep":"192:hR7nlHVIdJsZHW42RvSjW6UlFvyk1X1ZIhMPHC+VqNQCQLfOJp3dMqDuwGyeUZ7k:hR7IdJSE0W6UWjhyHCt+yeU5o","tlshash":"d782d89db2c2f0b15aa370a5502f610bf3355d84704ad1c1d238d9e0edb89ae437bead","size":19010,"data":"","first_seen":"2025-11-20T02:21:21.426791Z","last_seen":"2026-03-05T02:04:20.439075Z","times_seen":9937,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-78c8c59b.2f68a23a.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a231fc6d5050991ad196a4943efa568c","sha1":"7989ae5c4d6f8ec85b8b2bfdd9c447bb10912c36","sha256":"5564debf185acbd3cf3ccf4e8abd34dc72a17e4e46a7dbfec0963df996a76891","sha512":"e8be4d4ee16c8e43b3645be6451994ff65f32680230255bb48c9fbff8b88ed6abd37033b3f9df5e6d596fd120c382a718576bcaff253220bb60f0bd1f410ccc0","ssdeep":"3072:iFr8tbsQZQUNJ3ak9uPRj+n55b7cQ0fG9l/lARKJ4P43HdIXRb2CqFF2sPXxt3mF:3tb1l/l9Hz4iK","tlshash":"27e3e749b1d7f4b90af76162103f7606f03b1e80a419e099fb38ddc19aa491e527af3d","size":146768,"data":"","first_seen":"2026-02-06T02:02:05.854473Z","last_seen":"2026-02-11T03:43:17.188986Z","times_seen":492,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0d0bab.cb4c3929.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81888f1215e269075e2836e59416c641","sha1":"3dfe5514fab77fcc66863e0416350ddfe579ae56","sha256":"abfe652a8d79b5306640af6c84fcc499efffb37eb74f3338efe43daf80ded445","sha512":"1ca856180b5a2ae7de26efbd6ee13cb0480bd1c2836489d9c2fa553c04ace4950692ee58652008d3c8f7f70fcecbe48adb47ee37bbc0050ce4f6b9b8e6a6ac4b","ssdeep":"","tlshash":"44d0c29d7081f02808e7d9a5617fb3a77babbd842e07dc504d5490703a315ea5721acf","size":286,"data":"","first_seen":"2025-04-27T22:25:38.233173Z","last_seen":"2026-04-03T21:27:40.976372Z","times_seen":18106,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/js/abc.js?t=1770280692925","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa213ed8577969e2e66d32136116731b","sha1":"cd17edcb08d8315f9d5fe88e272544918bb90800","sha256":"7c5fbc18dcbe00547752d6a798782eeee96227b40d9f7062ef7fbecadfc09be2","sha512":"e76465f6ce8ce8fcbbbec2090a4abc5b06222108db7c67193fa67fa34dafe03edc3614ecedf8baa8f6b216d15ce66eb382db1f5c8bfa883346f1ce0905fd9208","ssdeep":"384:1qhdjw5p36o3626fZlpUJ6Qpc+8XOq4FHyfLzsb+nTQgl/GPLqoRP:4vjw/KoK26fZjUDe+8XOqcSfcb+nTQgM","tlshash":"02a20e710cd3544417935b6b622fa4e8e3b609272d56ad47b82c2244afcfa1feef1570","size":23298,"data":"","first_seen":"2026-02-06T02:02:05.815927Z","last_seen":"2026-02-11T03:43:17.143078Z","times_seen":494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/3s_web_detect.js?product=344a78\u0026module=frontend_new\u0026v=20250507","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d14ddc3e8bc1dc79357b74159f71f04","sha1":"12df5570db8c8deb75256ec7aa78c50955bf8a41","sha256":"8b252c8fec657c4596fdc851ccfdeb8ed1c9b2433f19f63d643eb1d0275d669c","sha512":"6fc44d271e892bba6d48fe9ddbdde790bb336538f7e5925e00954a832530727524285dc7132da036117e2dc27424be78f740ea87192664c3ce1d64d87f3f0ba5","ssdeep":"768:N52s3s7wTspsksLhsN5AOzYGwDgWRb/AM07OTQpzfxe5qefL:NsojTQp2hIUgWp/AM07Tfxe5x","tlshash":"b7232a9d718a7075437366e9273ff208b0766aa0240e8400bb7695853c74e5be27bfed","size":45750,"data":"","first_seen":"2025-04-27T22:25:38.185365Z","last_seen":"2026-04-03T21:27:40.976937Z","times_seen":18509,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-74598ce2.6a362893.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"055d4d35afef91473e347b39bc038786","sha1":"091d82536c19bf49ee14c8171471e9a12cae5947","sha256":"310fd4fd18bef0f3f8d20ae1a56fa560b3e29692742106c7f92443f336a38443","sha512":"efe18abe9661e52b7692b949d102f254aaa76a0e3c2166063d611773e3441c365ab7f36904642f3685498ce7100d1d1590509a86867331f200d424fd6f630bb5","ssdeep":"","tlshash":"13016dad7281e0d04fd690a0c077a3aff6aea9a07d49d32089a1e0e137105eb6123a47","size":745,"data":"","first_seen":"2024-12-14T05:41:20.950845Z","last_seen":"2026-04-03T21:27:41.005702Z","times_seen":18287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0e885d.9c346fc2.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"714711cd68f029edafa6ab087f7dfe93","sha1":"6354f9ee41d4ee9a3df124281bd22e0c2d507370","sha256":"f2e041275dff90ac47488d2f49e161dd21cd8ecfc35f4ee81e0c816afbe3f7dd","sha512":"4d4ac7873175e901262fdf880c5cf54417a4e0fb66cdfaea94867dd99cb76f71b4dd3a2e96e70bce9b71c48afe64e21c3e30f15f12817d0c65f8294b315fcaaf","ssdeep":"","tlshash":"80d02b5e3081f44515bea5ec516f6391aa7b39a01e5624510d60b0d07734489812168f","size":257,"data":"","first_seen":"2025-04-27T22:25:38.191844Z","last_seen":"2026-04-03T21:27:40.969754Z","times_seen":18179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-62938ae4.98b1938b.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3815bf3bb10dd5e1e02aac55c226b427","sha1":"f58cd168a5e3703ecff57ddf96744644ff493748","sha256":"37d75259dada6e6f6fa228b8596bc23d4d52fcbc5187d4298bf44224b65e8d3b","sha512":"68ac65be94020f6459f7ffcf57e69882b1a434867a8d1eea85325f754dcb7fd15316cd226fd0c5596836005b2301b3bb5af059d77758c45463a299cfa3e436a5","ssdeep":"768:dkvNvD9M/D3jx3MywSsSLF4WNWHJRW0lRqf10d+evmawTy9t2iJIsD/AwoHeC:0vVlMf10mZT6oiJVD/Axb","tlshash":"a8131918b08af1cf4e7370a1a41f2583f1a61b80d109e9a9f774d5c1e795d2d239e93e","size":44636,"data":"","first_seen":"2026-01-30T09:26:23.68339Z","last_seen":"2026-03-26T00:24:46.177279Z","times_seen":3190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/saconfig/secure/yunwei.js?0.11473942829237227","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fcc9440f7a59f458b991fe0ed0ad70b6","sha1":"b5a3b71d0872d6a240c5ac1a02cf40d83b7a9118","sha256":"06445e94c0f0be86d20e1c995f901722de18f4798316ebb4bfbdf88b12f830bf","sha512":"9f31b0e965103b8cc9d3fecb5a5cde16012535943953d1ac8a5c380ad6e8cad20a776b763f0659f0547d6ada03e88543dda9bcf43ece846d2a581b2ecde77888","ssdeep":"","tlshash":"5f2175e74898c91812b04298a25f3f48ff501b2710c38c5bf5be11802f3b57eb3a1994","size":1347,"data":"","first_seen":"2025-12-29T13:32:32.227692Z","last_seen":"2026-03-27T08:03:34.249462Z","times_seen":5374,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-c045d38c.dde4650b.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f8c5524a2bcefb34c1f66c95d9596ea3","sha1":"2d82db3bfdd2952df9ef079ee7787b282596e47f","sha256":"de24c81f3372531294ee4926a24bf92ee9f0611c3267e3b635c1db9a0218bf90","sha512":"b28b4307cb0172bb3f57286546bde289dc876a2ffe588c599eade18210a42eb3f4cd2d9d51c65a78f74aaa7c45003a1844323ef9e854f5a55f12b025395687ab","ssdeep":"768:OnU18iiyn2IplB3skTfys9aVqB0pZy9U901vNqV3lrTrCKRzISQ3Q49NzKfhCKWl:OFs1TfyqBquqJlrxFgh2zse0D","tlshash":"d943d588f695b05903a764a4002f140bf1bae928b85d58b4e751e4d27cf8eded07bf78","size":57229,"data":"","first_seen":"2025-11-20T02:21:21.469468Z","last_seen":"2026-04-03T20:42:58.862233Z","times_seen":10882,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-718b4916.ead72895.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b974b3eba8bc36dfea205638d21aeac8","sha1":"0e8a053c145186e5c4f5d324928f18ed1778a152","sha256":"6be30a8f6b8b925e5f6b861b8940001161bcdc6b9c00a1fba762c49f8c10c805","sha512":"515966ae1383e11a8a54e32e09c2b485142069dd557e15b822a87b059fe1590c206a93d7e9c823db1e10b714b60e7ce813d3df8447d3e59a314f7b00b8b01a46","ssdeep":"384:dER4t1oMCpxjYmyKTRAadc+eMzeO7vzB5c9fwVdCbqc7:6yenxjYRKFzdcwNLc9f8dFc7","tlshash":"1db2844eb2c3b04527a3b068451f790bb3b93725648fc584f6aaded0a93d81f5272d1d","size":25669,"data":"","first_seen":"2026-01-29T13:25:43.85457Z","last_seen":"2026-02-11T03:43:17.177635Z","times_seen":1048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0a3529.5c4d23ba.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a3ae42df44a01557a7182f000a7cfcb","sha1":"1ab42fd4fccc139fc48e075e54b64f506f9e2f0d","sha256":"b22cd2d8ffdfe96036d9a824863f3342126a8ed17615bda1a1ca1774964bcbc3","sha512":"b2fadab7e2d28ffa1ed68abcfadf998070c75ba941c370d99990eca9502a714bd45d2ecfd0f9b4918a144d711c66a30953ae80ac2088f13eec1896b75e7f6e91","ssdeep":"","tlshash":"5d1176cdb0c1f4c48637e0a8306b329ba33f28956c0999958f95b0d67b21158a762b9f","size":881,"data":"","first_seen":"2024-12-28T16:15:55.716131Z","last_seen":"2026-04-03T21:27:41.010563Z","times_seen":18226,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-c045d38c.5bac6d90.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-c045d38c.5bac6d90.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:05:17 GMT\r\netag: W/\"6979b94e-160e\"\r\nexpires: Mon, 08 Feb 2027 06:05:17 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:05:17 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1708\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":5646,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5646), with no line terminators","md5":"9e54b826cea37d5a84de87b691c58c77","sha1":"76a97498c63c235641c25fc03541c46acdc6102b","sha256":"f43cda8fd2607feff9db7e0d880222dd33b1b2b95e7eac91e41d3ff96916dc70","sha512":"47b7546f061dcf17cb9314e44fc8326dfdf4a0f32bf1bc1737c59fb8ecb127253601bf8380d90fd8055d9bf4a1c949cd1123860b9560757f0778fdb3c91866c2","ssdeep":"96:wCowvhNSwYLjUfXNwfXh3U6KOsZsQfECBjnO6IfWEjxEElEEeajsvNdqyU1G12x:wCowvhNSw8jwNw/h3U6KOsZsQBT0WEj7","tlshash":"79c17678e80e38e3a26b47bdc190b8054d05b557d6135f147ad2e19db6c9ec207c7b27","first_seen":"2025-11-20T02:21:21.521435Z","last_seen":"2026-03-05T14:33:04.698549Z","times_seen":10033,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-57cda438.f512d899.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-57cda438.f512d899.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:01:47 GMT\r\netag: W/\"697c2e09-5395\"\r\nexpires: Mon, 08 Feb 2027 06:01:47 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:01:47 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21397,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (21397), with no line terminators","md5":"a8e0606efa56e48572d5dd7473c6043e","sha1":"ee928da7cea532f572842690068148748807df6c","sha256":"2c4e2e06df2c7d7e395bb7f7ae9d1fdfc96f6938225c68d02e948baaeab55133","sha512":"03beb204e4611ca4ae8e162daaa88ca09c0628720d3a1b7e3b3c68b734cbce97373955fed066ecfe628f310e8e521bb325ff97d13f55add216439bac5604f6b4","ssdeep":"192:bnE2JstMcPkbFp+O+lWYv+/hWFwEaOGAtkXfAnAqgQ7JehJ/M23nAzuQRRd:bnNJs+cCFp+OWT+ZWFwEaOrCEe5yuQzd","tlshash":"e7a2d1d936c0b066a3632a78413f391f70e29b51e94fce50be6bd2c0b96a0fd1257d49","first_seen":"2026-01-30T09:26:23.715514Z","last_seen":"2026-04-03T21:27:41.009586Z","times_seen":3354,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_4.b3978b35.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_4.b3978b35.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-c67\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 3175\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":3175,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"9d3f03597ced6ebb5f532215512bf8cd","sha1":"ddab5fb8c5fc7fab060ed44bb9d93d9e941ba313","sha256":"da6fa144f139e9f260d5d2beda2461541964178da632449ec7a9fd87d67415de","sha512":"840e517e63a4c27d468985d84d80b118935106b3daa4c88268b6cb95668c35dac11f4bfb252058a6be89ab745fff4ee295cc2350f9ff7c2c6b452487e35f9da3","ssdeep":"","tlshash":"87615bc138578364e2dd5bfd5d1aac64484c49a8d20ae2389bcf40b8d737a0b08bfcc1","first_seen":"2025-12-29T13:32:32.232962Z","last_seen":"2026-04-03T21:27:40.970894Z","times_seen":5222,"resource_available":false,"data":null}},"time_used":4828,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4615,"receive":213,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/fonts/zl-fonts.ab79dc9f.woff2","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/fonts/zl-fonts.ab79dc9f.woff2 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://best34478-go66.kwarmirtile.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: font/woff2\r\ndate: Sun, 08 Feb 2026 06:02:43 GMT\r\netag: \"6980943f-80c8\"\r\nexpires: Mon, 08 Feb 2027 06:02:43 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:02:43 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 32968\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":32968,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32968, version 1.0","md5":"ab79dc9f9feb2102e4dde4c9ca845474","sha1":"e429eb21664969d58a1e21f14dabeb2dd46ea2a6","sha256":"7464bc7aee6809d09ab918e1a1705e52ec554974a583a2f962bc4cba0ece0ad6","sha512":"8c7a5304699c78cb916599d0a7b0ea5d7a3b9a99c946e1a44d712edb3c82612a0b6b540498d81c4f1fc27b6dba4644f09bc4bc03b428cefc656fce20ccc76ab1","ssdeep":"768:N/ogWnfQeLzswH0+bFe0KOuat9/8moAhLBevTA5SQoetH7HS:N/oCeLzss0+52Olt9/6YLwTQSgy","tlshash":"f5e2e1deb6c2b05ac9b142b3dd8da885dd8426cc63504ff793c58024bc8c5d3e9717aa","first_seen":"2026-02-06T02:02:05.852445Z","last_seen":"2026-04-03T21:27:40.974696Z","times_seen":2824,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":217,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/checkIsCNIp","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/checkIsCNIp HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 8ae80029f8b06b6941c37960919e61c6\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: SGvjxXlFr0ocrPMlr52AVLUD5vQAxWT1\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 123\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":111,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f7b4e49e0d91511c5d5f549955076b1d","sha1":"69c81580b210284bb7d71a780f33e786d8103b9f","sha256":"bc31965908527eb7e097a9242b426e28b01bd79656ab8e182b93b4528785a67b","sha512":"84e4fe4a186949001dd78ed6fc7b5b0f720ce9a890ecd9d4588d2bb38d76b4bef79ee53eb49f70bc45bfa84162fb81c64c5659d7fe480af5048fd81139e2300d","ssdeep":"","tlshash":"81b012891caddaa2ace602f4d62a33160030b72126bcf918491e782e10f611e30625d4","first_seen":"2025-09-19T13:32:57.006448Z","last_seen":"2026-03-31T15:51:52.34871Z","times_seen":1151,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":418,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/message/notice","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/message/notice HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: d1bb4bfd9fb6b0e29314f4cd33273e92\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: oOv00I1q3gIn5ahMvGUb2tanX1Cxquqh\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 57\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":57,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"flag\":1}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 705\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":836,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1afaae1adb60011982238c88d8b3794c","sha1":"be8c2859cbb377ca54d083d2cc11051057713bed","sha256":"47489eab5397bf76374d044b49ae77781a5ae01402f98ae7eb2baf005f090c58","sha512":"5fe20d92a139979cbc516787bf6b9355bc409006b5f037b3f798149f85909740f6bdd50af1c8881fa3579403f3efc3cfb01ea2888d637652cc0365b96ddc4388","ssdeep":"","tlshash":"3b018689daad8a9f32e842b1ec6530379520b98223741a0691534cfff039b34e3a8681","first_seen":"2026-02-05T18:55:25.368583Z","last_seen":"2026-02-08T15:30:53.384171Z","times_seen":39,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":423,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/loading-icon.a3ecf8da.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/loading-icon.a3ecf8da.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:37 GMT\r\netag: \"6979b950-27c5\"\r\nexpires: Mon, 08 Feb 2027 06:09:37 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 10181\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10181,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"9cdde9661bff6db8b38c53e2ac49368b","sha1":"75d032f431143a3e54d7340ab099b5aea3e63e1a","sha256":"bfa7ae8086ab2547ae975cca906067cb94d244c309e093fd34aa0f85e1dae1f3","sha512":"05ef2f443eaf4faa7d76304524ee9843b48422b050e2a31aac22036f4c7e2b62fb1c3f1b847b18542586ce0c9ad6a749b490e415037dde4262cf1e58fb08d85d","ssdeep":"192:4Qv0fU93DwKZD4Yyll/d93daclWlPVJ63lteKRJzQWJKX:TvwiwKedd3aPb07PRZ8X","tlshash":"e322bfcd381143302b6271accd0991a7b1137665c68ec62955d3ddb6f2b315ccaa8cf7","first_seen":"2025-12-29T13:32:32.25262Z","last_seen":"2026-04-03T21:27:41.012071Z","times_seen":5339,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":437,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-62938ae4.98b1938b.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-62938ae4.98b1938b.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:01:40 GMT\r\netag: W/\"69845c3b-ae5c\"\r\nexpires: Mon, 08 Feb 2027 06:01:40 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:01:40 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44636,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (44434), with no line terminators","md5":"3815bf3bb10dd5e1e02aac55c226b427","sha1":"f58cd168a5e3703ecff57ddf96744644ff493748","sha256":"37d75259dada6e6f6fa228b8596bc23d4d52fcbc5187d4298bf44224b65e8d3b","sha512":"68ac65be94020f6459f7ffcf57e69882b1a434867a8d1eea85325f754dcb7fd15316cd226fd0c5596836005b2301b3bb5af059d77758c45463a299cfa3e436a5","ssdeep":"768:dkvNvD9M/D3jx3MywSsSLF4WNWHJRW0lRqf10d+evmawTy9t2iJIsD/AwoHeC:0vVlMf10mZT6oiJVD/Axb","tlshash":"a8131918b08af1cf4e7370a1a41f2583f1a61b80d109e9a9f774d5c1e795d2d239e93e","first_seen":"2026-01-30T09:26:23.68339Z","last_seen":"2026-03-26T00:24:46.177279Z","times_seen":3190,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_5.cd478a0f.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_5.cd478a0f.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-ae4\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2788\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2788,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"af65e62f36f11ca80e32a89a18f4f8b4","sha1":"da531427bcd56db6d10a9761c625e13e395c7dae","sha256":"4a606d28853c62e42f8d901208425af87f6956a2c7407a6ad584aaa42cf524b3","sha512":"57a261c0ffaf6296c319aa7bf4595624f64899f5e4f9acf5b8faae13bfd11479067298912e0f2049854937f25b1460b760603fd40022e90e983b41094f695466","ssdeep":"","tlshash":"76510aa412dc2622dbb44ead051fad549e4f1e4afed9f91cc513cd86ae3cc46985c8c4","first_seen":"2025-12-29T13:32:32.246799Z","last_seen":"2026-04-03T21:27:40.998073Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":602,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-718b4916.ead72895.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-718b4916.ead72895.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:01:47 GMT\r\netag: W/\"69845c3b-6445\"\r\nexpires: Mon, 08 Feb 2027 06:01:47 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:01:47 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25669,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (25475), with no line terminators","md5":"b974b3eba8bc36dfea205638d21aeac8","sha1":"0e8a053c145186e5c4f5d324928f18ed1778a152","sha256":"6be30a8f6b8b925e5f6b861b8940001161bcdc6b9c00a1fba762c49f8c10c805","sha512":"515966ae1383e11a8a54e32e09c2b485142069dd557e15b822a87b059fe1590c206a93d7e9c823db1e10b714b60e7ce813d3df8447d3e59a314f7b00b8b01a46","ssdeep":"384:dER4t1oMCpxjYmyKTRAadc+eMzeO7vzB5c9fwVdCbqc7:6yenxjYRKFzdcwNLc9f8dFc7","tlshash":"1db2844eb2c3b04527a3b068451f790bb3b93725648fc584f6aaded0a93d81f5272d1d","first_seen":"2026-01-29T13:25:43.85457Z","last_seen":"2026-02-11T03:43:17.177635Z","times_seen":1048,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-3b31b386.f7099f20.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-3b31b386.f7099f20.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:01:59 GMT\r\netag: W/\"6979b94e-5c53\"\r\nexpires: Mon, 08 Feb 2027 06:01:59 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:01:59 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2312\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23635,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (23635), with no line terminators","md5":"6772ceef087d9098c9af280ead070182","sha1":"bf5318986f8bce6fe8950488d36e0b5b601523bb","sha256":"acb9f27144095a8bbb85390b9190316edd8a701b0649ae3b1984f58345ac77bf","sha512":"d1d2e6082f2c77c3ef515ddd95045297c8d37911303e1e8fa953cf73154e73d673d7b10c2dc1f0f5918b809d0ccf466dbad6cc50a37e7a461d6883d70baa7378","ssdeep":"384:rPSxj2Mh3U6K5ZsA0WEtEYEx+EzPSxj2Mh3U6K5ZsA0WEtEYExPmzsl3CWThPPST:TSAMh3U6KGELSAMh3U6Knmzsl3CWThnq","tlshash":"f1b2757ce80a38e3a26b43fdc290b4054d0ab557da135f107ad2e199b58dec117cbb67","first_seen":"2025-11-20T02:21:21.489416Z","last_seen":"2026-03-05T14:33:04.671279Z","times_seen":10016,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-3b31b386.1dd351e6.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-3b31b386.1dd351e6.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:04:36 GMT\r\netag: W/\"69845c3b-690f\"\r\nexpires: Mon, 08 Feb 2027 06:04:36 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:04:36 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26895,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26163), with no line terminators","md5":"9bb9c28a2ea36dacc29bb61343ce1340","sha1":"a37792a198d20d23480bf744eafde7c3a31d3766","sha256":"0f7518d25f36e799f5d4364c4712cece7f372d5a46e0842efb5966656391d214","sha512":"bbd51e240e9c38df83012fd2d1fed3052c678474967d6cc02f255e96f805cbb5256147919ac5302171cf660347581e952f62d2aa9b04bdf2dd2bb1300bfe1e0c","ssdeep":"384:JGaZPEJE2DaFsEszsyD9fxEb1zOqxCTAcp+SeFmuVPV1VX/vL0gHPp9bvEdnWak2:JGwPE6k7YNVTtjNakn2","tlshash":"c2c2b69cb1daf0860fb260b054bf5107f27a6d98a80994c1b970e4c17db4e96a372f7d","first_seen":"2025-12-12T04:38:56.896059Z","last_seen":"2026-04-03T20:42:58.809574Z","times_seen":6311,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/websocket/v3/jp/pools","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:37.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/websocket/v3/jp/pools HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 2d4073ffeefecde67992dfa27360f32d\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: GIByKGeya2AW4kF9lpUeIt0TPnlFwnUi\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:37 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 2799\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3608,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7ebf285457acaae4f672d19e052505e1","sha1":"dd8bb31e2eb5d9fb3f8cb757151f8ec6001bd355","sha256":"ff74e41e32ed742f2f43b8ebd68aa5329660c192135a1553862451dd0777f70c","sha512":"aae5bdfd66c639ae8c14b3ef3e4b8fd2a42f06811dad6bae4d498581a8655c53bb9207966817c8ad91608bd1228f939331a6b417bd5264405c85eb55f9e6a993","ssdeep":"","tlshash":"71715ca2388d827575eb9dfd7a8e3b576c13dd0381655eec924c3c154ac7304318ad9c","first_seen":"2026-02-08T06:10:02.629324Z","last_seen":"2026-02-08T06:10:02.629324Z","times_seen":1,"resource_available":false,"data":null}},"time_used":425,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":425,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_0.75e7f341.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_0.75e7f341.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-81f\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2079\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2079,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"1a63f9db273f7292badaa1d4d0717bd1","sha1":"f28deaf7403602a2043c23c2a47e445175c1b5b0","sha256":"26f68939c997ad06f193dadf7a71b70185a3190f477528d2c815a9348f1160c8","sha512":"eecfa8273ece1e090386dcf3259f9a3c2ebea336b1b3f1e5a478a8c2ebb69dd3b6bece9d655f7887669bb78d4b2c840e1d7d1205fee8880fcc852e0f25369390","ssdeep":"","tlshash":"1041ec913450e329036e51ec0c899db0450a1685edc5e7ad674e15e2ae365c9c0f47d0","first_seen":"2025-12-29T13:32:32.249084Z","last_seen":"2026-04-03T21:27:40.972573Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":614,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":614,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/game/queryGames","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/game/queryGames HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: da6e7f7316e0ad011d4c60c1626572d6\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: 0koE4siELxA6GEpFzLqOstJXoorPX6P5\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:40 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15556,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7b3ed5f0252daf466dd04e479022f5ee","sha1":"5e6b9a88782de80afb38e5af8a43ea2f6e50a694","sha256":"a67601bccaab9ed83770028b18091f8a700acbc0be79221311e769b6aef42eeb","sha512":"0f98f6833aa17e6d727f73223f673c6c70ec9e1d7b06499baa44db138b5f62e0a3366b77298b9a28a4d9f14bfed28f494c4d175cb90acdf4c7b1801c30ab922d","ssdeep":"384:XCUKmgOs/iqOav+SSr0WC6pTP111rk/JCZAhpLoa:XC4s/ym+Sq0WlTP1j6C2fsa","tlshash":"0f62c0a6572b50aecfa7378d05c3606f39f06af40074dc664be870d5074ea17d79a4d8","first_seen":"2026-01-13T23:02:13.835199Z","last_seen":"2026-02-12T03:46:00.391954Z","times_seen":528,"resource_available":false,"data":null}},"time_used":499,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mj67vro.sxmhwjh.com/?6877550.html?xinghua4dpdkcl620044","fqdn":"mj67vro.sxmhwjh.com","domain":"sxmhwjh.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-08T06:09:30.127Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /?6877550.html?xinghua4dpdkcl620044 HTTP/1.1\r\nHost: mj67vro.sxmhwjh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":1024,"timings":{"blocked":1024,"dns":0,"connect":169,"send":0,"wait":0,"receive":0,"ssl":180},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-78c8c59b.2f68a23a.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-78c8c59b.2f68a23a.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:08:57 GMT\r\netag: W/\"69845c3b-23d50\"\r\nexpires: Mon, 08 Feb 2027 06:08:57 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:08:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":146768,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65337), with no line terminators","md5":"a231fc6d5050991ad196a4943efa568c","sha1":"7989ae5c4d6f8ec85b8b2bfdd9c447bb10912c36","sha256":"5564debf185acbd3cf3ccf4e8abd34dc72a17e4e46a7dbfec0963df996a76891","sha512":"e8be4d4ee16c8e43b3645be6451994ff65f32680230255bb48c9fbff8b88ed6abd37033b3f9df5e6d596fd120c382a718576bcaff253220bb60f0bd1f410ccc0","ssdeep":"3072:iFr8tbsQZQUNJ3ak9uPRj+n55b7cQ0fG9l/lARKJ4P43HdIXRb2CqFF2sPXxt3mF:3tb1l/l9Hz4iK","tlshash":"27e3e749b1d7f4b90af76162103f7606f03b1e80a419e099fb38ddc19aa491e527af3d","first_seen":"2026-02-06T02:02:05.854473Z","last_seen":"2026-02-11T03:43:17.188986Z","times_seen":492,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/webToken","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:37.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/webToken HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: bd7f998a0bfb7c5d48d378936d7af3a2\r\nneedEncrypt: 1\r\ndeviceId: undefined\r\nqid: 4nHZovfGOXhM4xOOrZM7xW8AjRjzrLT6\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nCookie: rfCode=\"1017659939:1770530977:10080\"\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:37 GMT\r\nserver: openresty\r\nset-cookie: JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5; Path=/; HTTPOnly; Secure; HttpOnly\r\nvary: Accept-Encoding\r\ncontent-length: 398\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":431,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"15638e72551b5225f7ecb40366460962","sha1":"26d1faf9816ce954065f599d7896a9dfaf5f0925","sha256":"c0ded90810afd8bee5349ac34f6479323b2c4bd81b1df8c36ba9455b8c569bbb","sha512":"7609d263f60a25f17cec4a0e1924269f263847542b67d82c4658b0830491fd16b0fca4dfa61c37cd42cdb2fdc291be042640cc3dd58714ae86a550322b79bef6","ssdeep":"","tlshash":"80e0a345f57ddf51e4a21095487877a380d7394925292dcc8a9a143c5dd833df24754d","first_seen":"2026-02-08T06:10:02.636549Z","last_seen":"2026-02-08T06:10:02.636549Z","times_seen":1,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/appDownload/configList","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/appDownload/configList HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 0b08f513116eff3bcc138d5b9b16f64b\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: dEABFpR9oiYMY1gMCvPDXlVXaurR4Usj\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 65\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":65,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"currency\":\"CNY\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 3576\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4632,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b0e674fdc2b18ba1c301ae572f010e29","sha1":"e8e0f8e22202e05b6d5de078a30725238520a9f6","sha256":"be0a8941a36119047a43fccdbf8695de88bffd5c72a05ba729656196bbaef8d4","sha512":"f4d589789e8c112949e79780b79679e0719ccdfc318d5479599ba207e66ac1495b08db80f5c941ad0568596233b9934f92cc7f44222fb5663a9081611bac6ebd","ssdeep":"96:DNJpjxDBLYtyYlpNGwq52LYQ9j9aSeFucBKmP6O7YxZz8loxbg0vLqeU:DNTjxFLYty2pNi2sQ9JaRcBmP6qYD1uL","tlshash":"75a17d29ca8d5e1e64aa20189cbef3197e075923755f9876c12d8ec8617f9b18a47c20","first_seen":"2026-01-14T02:52:53.617438Z","last_seen":"2026-02-11T03:42:30.62395Z","times_seen":160,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":420,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/logo-banner-pa.953ba5ab.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/logo-banner-pa.953ba5ab.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-41fc\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 16892\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16892,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"bb6e87af558b28036a2ebe84a445b81c","sha1":"21d54e4ce814858b510818b899ee93fe63b4c2c1","sha256":"6a17d5b80cef86e2d6da845136fbc1235ce9a2dbaa39e8ff973aecac6018f2bf","sha512":"0a0bc839f916a1e1d05795790966db8d9ec414cbfa9e90aa8d29704a0203ffab5d089e86b00728324425fd4be8e534d97e7139f92c3a7cf7c9288e81355aaecf","ssdeep":"384:wG9ZKhNel5zlNK5MgujwfQazKph2cpbKSkJV61Pgw0zVz:wG9MhNel5pA5MgujoQaGph2cwhJV61lC","tlshash":"3572c02f604ff730b9961b7e97698bc654c23d0ee941d1680acc8f695dfc20a501a4af","first_seen":"2025-12-29T13:32:32.258309Z","last_seen":"2026-04-03T21:27:41.017045Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":410,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":409,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/img/_wms/entry_img/firstDeposit.jpg_.avif?v=1770530979101","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/img/_wms/entry_img/firstDeposit.jpg_.avif?v=1770530979101 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\nserver: openresty\r\nx-cache: BYPASS\r\ncontent-length: 150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-04-03T21:27:41.002753Z","times_seen":32991,"resource_available":true,"data":null}},"time_used":455,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":455,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/app.159e195d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:34.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/app.159e195d.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:01:49 GMT\r\netag: W/\"69845c3b-a2170\"\r\nexpires: Mon, 08 Feb 2027 06:01:49 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:01:50 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":663920,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65458), with no line terminators","md5":"342c44414b0d9d63ab8a79371ee132fa","sha1":"8cd56163abac47e435f3fb38d9854528ca98ddcf","sha256":"79afd0a63965b8bba2c8ecc2f14a8feff4d10f1b7f94a28b5d82e3dc2d91e5ca","sha512":"de3529af43dd963254a390aa88092b161038333823b0d3797c945f48f975030b5505c8a528300217d58fef6cc1b285c00ff63ed67ac486ffe002eb56a9091322","ssdeep":"6144:iy3JRa95QaQY197ewjWFnDv02DHAXIUn1qRLZJ6k:xEt19yFj02DVvN","tlshash":"61e4f8ed76cbf199076335b2612fb642b1aa7c41742e8521f734dcc2f550988a333ea9","first_seen":"2026-02-06T02:57:52.025603Z","last_seen":"2026-02-11T03:20:41.208546Z","times_seen":57,"resource_available":false,"data":null}},"time_used":1795,"timings":{"blocked":542,"dns":10,"connect":267,"send":0,"wait":701,"receive":0,"ssl":273},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-1ea0fc8a.6cd64c25.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-1ea0fc8a.6cd64c25.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 05:59:57 GMT\r\netag: W/\"69845c3b-24bda\"\r\nexpires: Mon, 08 Feb 2027 05:59:57 GMT\r\nlast-modified: Sun, 08 Feb 2026 05:59:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150490,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65372), with no line terminators","md5":"6f2eff9f9feee953951188dc524c11a8","sha1":"f65ce839e9025098e9b318b4859a2be14671883f","sha256":"55ebf7fb259672b24568ff6dd597bffba6eb226a46b8afe24e9a2d01609a5909","sha512":"09eec0c956fa38882b69cacb7962c8a076fceda97599d2ae31519fe60d4359cba674029692d79180a11cccf4d450a49f4ac64589517b59ee1b30f52d3ead89b6","ssdeep":"1536:kx4PNjoBpSRXs972UzIYFLIENqFLWo1S/YUqPnqTfTOXwnDFu267DaJpXvll2Ym2:kx4PNjoBkaSaFgF9MZXv5dEHtfg6twr","tlshash":"0ee3098cb286f4b94ab371a1203f2506f3721ec4a415e548b638d9c1ef95c6d536eb3e","first_seen":"2026-01-30T09:26:23.694142Z","last_seen":"2026-02-11T03:43:17.178183Z","times_seen":1022,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-a9c7c5c2.2af8ad46.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-a9c7c5c2.2af8ad46.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:01:58 GMT\r\netag: W/\"6979b94e-5bf1\"\r\nexpires: Mon, 08 Feb 2027 06:01:58 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:01:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2848\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23537,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (23537), with no line terminators","md5":"0a0d44ea6813fdcf8ee4b10fbf3fde6f","sha1":"77204d4bf26422eb2110b8e01af03ed05a228959","sha256":"779d5223e468931b8be31a285acdbb8fc9fe0dbe789caef2e64fe7fc02b6e752","sha512":"d23cff9f56bfbc209824aecb275236fd8a9a4c7c8b0fd1c6cd920061b03dcf0bd99f9d207525680052ba2c2a2d67a7e18591efcb9a543c7a49128b79a3d2bb60","ssdeep":"384:PPSxj2Mh3U6K5ZsA0WEtEYExqn8CGPSxj2Mh3U6K5ZsA0WEtEYExQjc2iPfPSxjf:nSAMh3U6KJFSAMh3U6KYjFifSAMh3U6j","tlshash":"88b2977de5092872a22f4b7e86d47c080d0ef657da134f94b6c2e0d975cae9217c7a23","first_seen":"2025-11-20T02:21:21.464926Z","last_seen":"2026-03-05T14:33:04.680095Z","times_seen":10016,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"344a78img.a0008a.com/cdn/344a78FW2/static/cdn_test.jpg?1770530973864","fqdn":"344a78img.a0008a.com","domain":"a0008a.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:33.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a0008a.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 10:50:45 GMT","end":"Sun, 03 May 2026 11:49:04 GMT"},"fingerprint":{"sha1":"54:74:84:E9:53:A4:F5:3D:54:7A:54:4D:F7:A7:90:80:80:65:87:96","sha256":"59:A8:03:0E:05:61:D0:92:49:8E:F4:38:2C:2A:F6:BD:B3:D0:B2:6B:4F:1B:EE:C3:D6:E7:DE:CE:CE:54:97:27"}}},"request":{"raw":"GET /cdn/344a78FW2/static/cdn_test.jpg?1770530973864 HTTP/1.1\r\nHost: 344a78img.a0008a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":750,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":710,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/cdn/344a78FW2/favicon.png","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"GET /cdn/344a78FW2/favicon.png HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Sun, 08 Feb 2026 06:07:31 GMT\r\netag: W/\"68a57ec6-1aeb\"\r\nlast-modified: Sun, 08 Feb 2026 06:07:31 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced","md5":"7226068407351d70a73e4d42fe27cf77","sha1":"eb1c88ec36b539b7c7a3e17fc1c2fa4075b2c1c9","sha256":"f286bad79eb8f3ad54992b441ee50926bd2f33abe0ace7d427ecd22b300fcebf","sha512":"739c4ebf6be89acfb1f1e648caa229123d6c6b684a5b2c7f2b1c90eb31d10fb95fb635f0b5abcc28aa7b37a1a39fbe9cbed30178e9fa6c572727230a34e02616","ssdeep":"192:AS6+RphRlpGTvNRCJG8rR03AEGRcSMbKcZOTz6:AMpHLGzDgQjGiSMWn6","tlshash":"3ce1af883bba44dc47b40f37b8e7771b468cd26ca50b9e12970d501fbb430da9579257","first_seen":"2024-12-03T01:53:59.54056Z","last_seen":"2026-04-03T20:42:58.803449Z","times_seen":7027,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0e885d.9c346fc2.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d0e885d.9c346fc2.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:04:46 GMT\r\netag: \"69845c3b-101\"\r\nexpires: Mon, 08 Feb 2027 06:04:46 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:04:46 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 257\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":257,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"714711cd68f029edafa6ab087f7dfe93","sha1":"6354f9ee41d4ee9a3df124281bd22e0c2d507370","sha256":"f2e041275dff90ac47488d2f49e161dd21cd8ecfc35f4ee81e0c816afbe3f7dd","sha512":"4d4ac7873175e901262fdf880c5cf54417a4e0fb66cdfaea94867dd99cb76f71b4dd3a2e96e70bce9b71c48afe64e21c3e30f15f12817d0c65f8294b315fcaaf","ssdeep":"","tlshash":"80d02b5e3081f44515bea5ec516f6391aa7b39a01e5624510d60b0d07734489812168f","first_seen":"2025-04-27T22:25:38.191844Z","last_seen":"2026-04-03T21:27:40.969754Z","times_seen":18179,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/img/_wms/main_banner/PCH5rsgs0520-750x252.jpg_.avif?v=1770530979100","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/img/_wms/main_banner/PCH5rsgs0520-750x252.jpg_.avif?v=1770530979100 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\nserver: openresty\r\nx-cache: BYPASS\r\ncontent-length: 150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-04-03T21:27:41.002753Z","times_seen":32991,"resource_available":true,"data":null}},"time_used":4027,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4026,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-143a7152.d94cc963.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-143a7152.d94cc963.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:00:44 GMT\r\netag: W/\"6979b94e-68d5\"\r\nexpires: Mon, 08 Feb 2027 06:00:44 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:00:44 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26837,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (26837), with no line terminators","md5":"0d48673e454fccd78d9682c693657a32","sha1":"49382c24212a74df67ee924253d907b8bfe14170","sha256":"361adc5e9d2f266e2d094acc1be383acf1aae2e06952735bec96bbebb9d71ada","sha512":"8fb53a966279d38696a5bdf9841297cc3a9bfa6e2f750b2be63c953d40db237a1ec4ab6066ebc20dd7646e80587d9a3e1757f27637e03a32267ac3f1341a122b","ssdeep":"384:y1q/y5Ccfi5oemXjoV5YPSxj2Mh3U6K5ZsA0WEtEYExaT/:y1f5bfi5oemXjomSAMh3U6KCT/","tlshash":"41c2a63957013027a23b4f6e86d49a784724d99386530eef73c0de59d3e69a4138f397","first_seen":"2025-11-20T02:21:21.411936Z","last_seen":"2026-03-05T14:33:04.636755Z","times_seen":10030,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-62938ae4.9807a17e.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-62938ae4.9807a17e.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:05:24 GMT\r\netag: W/\"697b389f-e3aa\"\r\nexpires: Mon, 08 Feb 2027 06:05:24 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:05:24 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":58282,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58282), with no line terminators","md5":"60a85fadb53a485e2349221b5bd699bf","sha1":"59f05ff4760e3324544e52d12c76f7ae339cc387","sha256":"87bae1354caed232e89b52c54ab7e663bdb72b7aec23abfd31d54a02e8e84c7d","sha512":"d43c2205c97852b49762a97e82e57e23ab7f2dfd93ac98f6c75343a75ed3b4913c42a5f03b4b0a6c9bb9afd7886088140fb52b6c5e6034909e95f6eda84f37f2","ssdeep":"1536:O6h3U6K16h3U6Kx6h3U6KY6h3U6Kip6h3U6KCGAr:OlBImyGAr","tlshash":"c143a6b9ed0f3571f13b86add2907c4d1a09b213c6130fa5b992e05af6caed127c6217","first_seen":"2026-01-30T09:26:23.68968Z","last_seen":"2026-03-05T14:33:04.676544Z","times_seen":2504,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_00.f847337c.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_00.f847337c.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-93f\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2367\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2367,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"e147fb8e3387295fd3a96724a7f35571","sha1":"6f84ca8bc84950cd73159680e8a1ba4cc1191700","sha256":"7a31ec957d93072e0009a7e978dc2c8af7e6865a3a6af914a06ee52efd45c235","sha512":"a0ca4037e223fe460dab891ac4f6b18c274b31e7273a5046e025e7fe687a4efdc5dae158258ea9bca720a73a865517d52a8fb5718b791553f8cdb9951cb488cb","ssdeep":"","tlshash":"30414d79f45ed378e2541afd59058b3282882211d9c7d13a1b4cc171aa3901c13dc5dd","first_seen":"2025-12-29T13:32:32.249962Z","last_seen":"2026-04-03T21:27:40.973145Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":4387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awscloud.servicefu.com/cdn/344a78FW2/static/cdn_test.jpg?1770530973864","fqdn":"awscloud.servicefu.com","domain":"servicefu.com","tld":"com"},"ip":{"addr":"38.150.72.244","port":443,"asn":142267,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:33.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"servicefu.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:88:C0:D2:24:EC:6C:05:EE:9E:86:62:7A:B7:F1:CA:04:FB:62:4F","sha256":"FF:A8:3A:F1:9C:62:88:67:9F:4B:EA:BC:81:CC:2A:BF:CF:BC:9C:A9:34:41:75:C9:DC:D2:A2:14:6F:7F:DA:03"}}},"request":{"raw":"GET /cdn/344a78FW2/static/cdn_test.jpg?1770530973864 HTTP/1.1\r\nHost: awscloud.servicefu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/jpeg\r\ndate: Sun, 08 Feb 2026 06:09:34 GMT\r\netag: \"6979b952-1b\"\r\nexpires: Mon, 08 Feb 2027 06:09:34 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\ncontent-length: 27\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27,"size_decoded":0,"mime_type":"image/jpeg","magic":"GIF image data, version 89a, 1 x 1","md5":"6a43099d5c8fe991a7aa7ebaca53069d","sha1":"5bce2f0d57305c58c7b05bfce29ebb39a18f5570","sha256":"3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1","sha512":"b82c6aa1ae927ade5fadbbab478cfaef26d21c1ac441f48e69cfc04cdb779b1e46d7668b4368b933213276068e52f9060228907720492a70fd9bc897191ee77c","ssdeep":"","tlshash":"e2800003c2a08000c380c0300808020023808820020a030aa08c00c8ac2aab00c00000","first_seen":"2023-04-05T15:47:46Z","last_seen":"2026-04-03T21:27:40.972045Z","times_seen":20373,"resource_available":true,"data":null}},"time_used":1160,"timings":{"blocked":468,"dns":1,"connect":220,"send":0,"wait":222,"receive":0,"ssl":246},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"awscloud.servicefu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/fingerprint.min.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:34.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/static/fingerprint.min.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:03:57 GMT\r\netag: W/\"6979b952-15e37\"\r\nexpires: Mon, 08 Feb 2027 06:03:57 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:03:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89655,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65516)","md5":"bb3a87af78d24452e4b4c94427e5444a","sha1":"f85a210257a5878a075d3cf55109233aae4639e8","sha256":"00c7520bc1f8deef83b091924e25f5cffe6a6d22965d95bc6b790695b785c5e7","sha512":"5b7bef606d230310bba22124ad98e772a5e9e762df99a7d69cfa5ebd2bf4f267ab0254d8b9533be147c7ccdf6e7c21a6400a9ad7ea6cf0a0f728e7f55364873e","ssdeep":"1536:NSCtfIkmxPDB+nQZPpasUiPXHJhiSfa+yee4yGqvBFcbrtgJFc1N:MCtfIF1aUPpasUiP3Jh2+yN4y1A6jwN","tlshash":"8393188571e77424039250e5052f040ab23ea96d745e90bdfa6dd8e2bcb5c8e523ff78","first_seen":"2023-06-01T06:54:23Z","last_seen":"2026-04-03T21:27:41.017542Z","times_seen":18657,"resource_available":true,"data":null}},"time_used":1285,"timings":{"blocked":445,"dns":10,"connect":216,"send":0,"wait":390,"receive":0,"ssl":222},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-96005406.0b538009.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-96005406.0b538009.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:06:53 GMT\r\netag: W/\"6979b94e-1596\"\r\nexpires: Mon, 08 Feb 2027 06:06:53 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:06:53 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1665\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":5526,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5526), with no line terminators","md5":"eaf7578a7d79c404f76b87ebd601efee","sha1":"b71d5e775fb40ac97efff57e8799e83c8dd9b71c","sha256":"2ee774624611221fecafd6f4979a2dbbed92911d35337502088647fb790da769","sha512":"a765ee71861b2aca2d79dbf0b64cd8c01f92c4a7cfbd9bd59473c559c017a6dac67bb2c6418865d458f06bd97704af1285e486d825384362da5afc5b880fd14d","ssdeep":"96:DCowvhNSwYLjUfXNwfXh3U6KOsZsQfECBjnO6IfWEjxEElEEeajsvNdqyU1G1o:DCowvhNSw8jwNw/h3U6KOsZsQBT0WEjz","tlshash":"1fb17478e80a3ce3a26b03bdd190b8154d0ab557d6135f1079e2e19d76cde8217cbb27","first_seen":"2025-12-12T04:38:56.90888Z","last_seen":"2026-03-05T14:33:04.666859Z","times_seen":5474,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/dynamic/query","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:37.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/dynamic/query HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 5a3061d1d2cc66517c5cd0d3c5d480b5\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: MmkJssGN17LobtWx4e3B8e4Ihj5xr3f2\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 70\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":70,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"bizCode\":\"ENTRY_IMG\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 561\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":643,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6bd10d11c72342a2f8ebe6ea660babbb","sha1":"d5af5e86a9f33eec6f62c7c55e7a59021c29eef8","sha256":"402c13fe211ce617e56c168b0bdcb7aad96406056d71b6a62bda94350c9b983a","sha512":"4928ab58800c0c722ef378fd3978045628b40c1483fb97adeedcb656bd7b4557036696198beac4ddc15a6ba698ab8cb4bf4c2b27a1b3cec2e7fdf3a9e0b849a1","ssdeep":"","tlshash":"bff0626aeef8dc7397e016eac628b84b3afc252d994520415c054e3318ec99b56d3c92","first_seen":"2025-09-19T21:06:52.770699Z","last_seen":"2026-04-01T15:17:32.393449Z","times_seen":1870,"resource_available":false,"data":null}},"time_used":409,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":409,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/?palcode=1017659939","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-08T06:09:32.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"GET /?palcode=1017659939 HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://mj67vro.sxmhwjh.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:32 GMT\r\netag: W/\"69854a95-9f2\"\r\nlast-modified: Fri, 06 Feb 2026 01:57:41 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-length: 1572\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2546,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1576), with no line terminators","md5":"176cffe23a62de99a1eeddb2277e2b8f","sha1":"5e61528a7641db3247a7c17e14803c99746430da","sha256":"d2e36503d5766602019b1302f4642a232d4faaa51baae0a7f5b5810473c1f4f5","sha512":"65efb5cec7fd70b88c9b3bfe5218356f64bcc35bf32b4b2028692716710807348bed22ccaee349585a7485b03ed8b61d346d60d5cdc16e09c2cc0a7f33a68765","ssdeep":"","tlshash":"0851d9b76670f59e6204c2f17bad222c800a5f1e51715d71e7c108fd9ae0ba4896204b","first_seen":"2026-02-06T02:02:05.817265Z","last_seen":"2026-02-11T03:43:17.180628Z","times_seen":494,"resource_available":false,"data":null}},"time_used":1381,"timings":{"blocked":554,"dns":1,"connect":260,"send":0,"wait":262,"receive":0,"ssl":299},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/logo_2024.04cb2cf8.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/logo_2024.04cb2cf8.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-30be\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 12478\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12478,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"59e0f72c7a4d0d15fe1be140a0eef067","sha1":"245602aad2f4a384bd3dd00873917d673e1b4e0e","sha256":"11d433e3f2a4b61e98b3497b581e09f48e1f3d750b78c8f2b3eb7ea3623b9aab","sha512":"5d2403139b7c49fa1f4effcc55827b3974899cd368b5534c3b78568a656f9588c6a57b2fcc3356f223e34e769c2096f3918442973f9e136f524e57bff3210099","ssdeep":"192:TuqGYe4mvdzw5K/at8JODXluji80ofc4IqiQbMme2AC9QsThH0DvvPgvxj2tVPdu:yqGY/m105WajuulAp5u2R9HaLPiuu","tlshash":"9542d0d3551dea1818e2912edf3a26bd91a860f4e91fed0d9a09034bcfba11c6c13d87","first_seen":"2025-12-29T13:32:32.245638Z","last_seen":"2026-04-03T21:27:40.9916Z","times_seen":5223,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":412,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/saconfig/secure/yunwei.js?0.11473942829237227","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:33.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"GET /saconfig/secure/yunwei.js?0.11473942829237227 HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:33 GMT\r\netag: W/\"695232ba-543\"\r\nlast-modified: Mon, 29 Dec 2025 07:50:18 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-length: 819\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1347,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"fcc9440f7a59f458b991fe0ed0ad70b6","sha1":"b5a3b71d0872d6a240c5ac1a02cf40d83b7a9118","sha256":"06445e94c0f0be86d20e1c995f901722de18f4798316ebb4bfbdf88b12f830bf","sha512":"9f31b0e965103b8cc9d3fecb5a5cde16012535943953d1ac8a5c380ad6e8cad20a776b763f0659f0547d6ada03e88543dda9bcf43ece846d2a581b2ecde77888","ssdeep":"","tlshash":"5f2175e74898c91812b04298a25f3f48ff501b2710c38c5bf5be11802f3b57eb3a1994","first_seen":"2025-12-29T13:32:32.227692Z","last_seen":"2026-03-27T08:03:34.249462Z","times_seen":5374,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/image-loading.f3d91b70.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/image-loading.f3d91b70.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:37 GMT\r\netag: \"6979b950-3053\"\r\nexpires: Mon, 08 Feb 2027 06:09:37 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 12371\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":12371,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"2e22162dd4d9bde2039f08d73e614e3f","sha1":"b0cd6eb6b586dc24a7d18a9e191c7056b6403bb6","sha256":"117fca3f31476279cbf99e0a1bb488986242b3813c2d8d397f2468c60f800ef1","sha512":"23921b6f1769e2371f7fa95040f62355f4631b0990bc33fed2e6d6aa23aac9c2c9ef7d25d7bc78c929a209b97b617ff024a42a896c94c81a5e0566dd2ccec673","ssdeep":"192:TIvpcs5rRMO6cUAq++ozGMSIjWyD20JZBZ9O4O5xYyJdxb5hz+rVUy3+ogJEVSsO:ep/g5loywjdKoLTOrPxXmUtXE0","tlshash":"e242cfc8766cc4bbe32c105eb119b34e6f94b1b0d230ee9493297217f43e225a9e07b5","first_seen":"2025-12-29T13:32:32.22297Z","last_seen":"2026-04-03T21:27:40.986138Z","times_seen":5338,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_03.b865f42e.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_03.b865f42e.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-c75\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 3189\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":3189,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"09b2b4cfdaedf8ec3a9816d2a49092e5","sha1":"adf8d0b385bc0d86ae664c97b61e57cde66e3bc3","sha256":"9ddb75d7cb7cd0309d419c2324a7b79807942b5e8f756ab790845a136be1d02a","sha512":"150cf1d65910c90694fa72817adaebb59d4fe113cfef95df2defc0fd5e4fbfe73544b4c9d5be35887af064ce4fd71207a9246b7590d7dce5694ed9aa6fa2a68a","ssdeep":"","tlshash":"e4614c983afe4ab106d2055d985cc0a93e4920adff72c6a80ac715b53b7b74909ec09a","first_seen":"2025-12-29T13:32:32.244392Z","last_seen":"2026-04-03T21:27:41.019868Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":595,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-78c8c59b.2e49555b.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-78c8c59b.2e49555b.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:04:48 GMT\r\netag: W/\"6979b94e-303e7\"\r\nexpires: Mon, 08 Feb 2027 06:04:48 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:04:48 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":197607,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"f6c50c53a4f74d48da334a96b4a587d4","sha1":"c8a290280523b4023aa7badef13271ea05ef5062","sha256":"921d3ac8156a587c5dbfb75562bca7d9d35e9691945a483f722fb6cce749e664","sha512":"3c23db9193ed16caa0a360590db3568f37b0b343354f8fe355730c98fd06ffd14d6682ceb1049da71f163b3a68840bbdbece9256ea63ed1e7989e97f93e1384d","ssdeep":"3072:kP1hv+SCZakxwVyLJrJMJAKFBWLoGfpWai6V5atjLUjdlbMHZK9hspq0yY:r6","tlshash":"8014b678f40a34a6b23b477d829474094d0af153da234f6879d2e199b6ceec217c7763","first_seen":"2026-01-05T23:00:09.201838Z","last_seen":"2026-03-05T14:33:04.699249Z","times_seen":4344,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_2.ffe2a01e.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_2.ffe2a01e.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-8a0\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2208\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2208,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"55f03e4ec82f26d44665c87d97972468","sha1":"882d4d3c9275554eae2a6fad1bea5704cc1b06fc","sha256":"27b3e01b9f9a7123dcaa9e53ceedd0f4ca3d37debbd51b657f778f69e62278c9","sha512":"966b426de612499d27ebb0a8ea95332b19888fab38090ee7662335ef5002b74e27675132980897e262c62d9b72704cf29ff20447d169857afbed541c8cea52b9","ssdeep":"","tlshash":"01413c48e494a373131b572c4c1f5d59d9990e0afb24d64c6f5a47baf33181c86cb3d4","first_seen":"2025-12-29T13:32:32.234246Z","last_seen":"2026-04-03T21:27:41.015542Z","times_seen":5226,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":611,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-8FRE3KY7VN","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:36:37 GMT","end":"Mon, 06 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"D1:4E:DB:C9:1C:90:74:26:D2:F3:40:74:02:DB:66:36:23:CB:45:12","sha256":"08:51:D4:42:81:8D:57:AC:83:18:86:85:25:AD:F1:2F:82:17:60:A4:FA:C6:D4:09:86:34:D3:30:65:78:09:B2"}}},"request":{"raw":"GET /gtag/js?id=G-8FRE3KY7VN HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 08 Feb 2026 06:09:37 GMT\r\nexpires: Sun, 08 Feb 2026 06:09:37 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 146144\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":440809,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"e861d5a33d5f62c79cde684e94edee3a","sha1":"316beef70e7037bc3876dc6b2f2e441cff54fecf","sha256":"f141b096fd0e6e68b1fedde906c6faabf021d13771678324ff0b78a1d0520b88","sha512":"e193bfd1775e004f51d8fff96a68b8a46c062af6d07542697acfb44f916ae84b9bb5f57a89d9b59c658168ce965078aa28db39012df55cf6be8fc6e10aa18e11","ssdeep":"6144:lIbh3hDlzzfR681qbOqR51/48BjM3cp81Qj3AEFytI10KTB:Sbh3hDtz56nbD/48BzFy4B","tlshash":"1c9409de73c674225396f478502f018ba57b28a2f48cc89af189cce42d74a9a4177f7d","first_seen":"2026-02-07T18:31:00.141329Z","last_seen":"2026-02-08T07:13:06.42589Z","times_seen":5,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":76,"dns":0,"connect":8,"send":0,"wait":22,"receive":26,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_05.f3153096.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_05.f3153096.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-c1e\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 3102\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"4371c003340b9dd9acf8a3bcdff6524e","sha1":"2b5a08b6f292871b3fa485b1305a020fca3d212c","sha256":"6fba52b329dc24c2be00c0433448cf66a932016cc4c33530fcfbcb5300f41763","sha512":"55df9556064d59ade1ece93d7ca3019c3fab5166b9c15228781f83b209ff5f15667f0be3aa8925ab038fe37d4d6f6c79333d54578d85fd883dc3079cf248c10f","ssdeep":"","tlshash":"e8514c78a15dd2011326316dcc6db0a0dd4e129aea8affb549580433ed7b155aef8494","first_seen":"2025-12-29T13:32:32.250719Z","last_seen":"2026-04-03T21:27:41.004731Z","times_seen":5226,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/zl-mail-reg-ad.c50ecccf.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/zl-mail-reg-ad.c50ecccf.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\netag: \"6979b951-1b3f\"\r\nexpires: Mon, 08 Feb 2027 06:09:38 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 6975\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6975,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"fb0607e874bc3eba46999acf15428b6b","sha1":"df2c44b99b7d7ceac8b0311805e76e6bb636c5d6","sha256":"432d128bbcd02e865e05d58dadec89ed1dd79cc5b547795783a2afe0399611f7","sha512":"4c3a2f311e580f10f4f8a03c4df18b66ad358ff57066e951874cef40a6b7d3941f5c2d048448dd0fc020861012670dbce95be37d8282d42b6accf436c9fce711","ssdeep":"192:xPL1LVQ7xfJYhRWoCdAujdjv5hW+AcI0UUXHX/60:J1LV4gRWozujI3cIKXHX/60","tlshash":"f4e19e58a03f13234bfb953ca74da4d612f83a7cc269d33812995d3ac136c60046c7aa","first_seen":"2025-12-29T13:32:32.226092Z","last_seen":"2026-04-03T21:27:41.000717Z","times_seen":5254,"resource_available":false,"data":null}},"time_used":842,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":627,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_6.31b84993.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_6.31b84993.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-a1d\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2589\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2589,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"57347d6041714add661304e883a3a1f1","sha1":"c662a9c4dca02542887b9e2778b15261b616d188","sha256":"9eb8891e3ba68a45a878ea191759a6a7dead6560db1cb27f7364cbd73c24f26a","sha512":"5441f9eca6245241e92231bb7cbd0a06030afc6b53058115b6ce32564348ec8ced1588e633bfaee03ef4f58cfc22cd98d326d6ab4039e630b35f5c2470ddab96","ssdeep":"","tlshash":"0d511aa1ce4da27060ce718c50844de5e3147309fe9acd26bc17f255d67291aa4978ce","first_seen":"2025-12-29T13:32:32.247713Z","last_seen":"2026-04-03T21:27:40.989427Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":4172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_04.862920c4.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_04.862920c4.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-da3\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 3491\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3491,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"6e02c11e5ce121baf79b1801ca673ace","sha1":"72217118112557ea7e32f86fb1f39661251892a8","sha256":"052556725c178db5b4aac812ae5657e67b50ef3d645ae26af24112279822457a","sha512":"1d5b6228e6e8a007653d95cf8490d6fc8ca7a7326ecbfd1e9959dea5e5688fd2aac0c7e0171dbc36cac81da7a858cb842a86816b790b930d179035927f646c36","ssdeep":"","tlshash":"08717d0e3418493b47a5048c448bf390dd0da60edee3f63d1e1daedea5350ada2422ca","first_seen":"2025-12-29T13:32:32.215309Z","last_seen":"2026-04-03T21:27:40.971492Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-c045d38c.dde4650b.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-c045d38c.dde4650b.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:02:25 GMT\r\netag: W/\"69845c3b-df8d\"\r\nexpires: Mon, 08 Feb 2027 06:02:25 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:02:25 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57229,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (57229), with no line terminators","md5":"f8c5524a2bcefb34c1f66c95d9596ea3","sha1":"2d82db3bfdd2952df9ef079ee7787b282596e47f","sha256":"de24c81f3372531294ee4926a24bf92ee9f0611c3267e3b635c1db9a0218bf90","sha512":"b28b4307cb0172bb3f57286546bde289dc876a2ffe588c599eade18210a42eb3f4cd2d9d51c65a78f74aaa7c45003a1844323ef9e854f5a55f12b025395687ab","ssdeep":"768:OnU18iiyn2IplB3skTfys9aVqB0pZy9U901vNqV3lrTrCKRzISQ3Q49NzKfhCKWl:OFs1TfyqBquqJlrxFgh2zse0D","tlshash":"d943d588f695b05903a764a4002f140bf1bae928b85d58b4e751e4d27cf8eded07bf78","first_seen":"2025-11-20T02:21:21.469468Z","last_seen":"2026-04-03T20:42:58.862233Z","times_seen":10882,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-eec3e544.b144dd27.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-eec3e544.b144dd27.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:06:48 GMT\r\netag: W/\"6984552b-222b1\"\r\nexpires: Mon, 08 Feb 2027 06:06:48 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:06:48 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8fc94e200090595bd399f9aa49a832f6","sha1":"c09a448c0cec9ea5bbf82fd8b93c978792f78827","sha256":"ca8033b5862b64c8ef284f53b4953a967c5c113d89018fde5c8f9246e4674e75","sha512":"ef918743a00029a9d542d47b88fb7d44d7be448b3610f0b3e76fc4b48898d02c36c76a0db5e03c1d07dee42036a6c3ddb3f3db5070815285f9ede2337be5ea77","ssdeep":"1536:y55bfi5oLXjp6h3U6Kb6h3U6KT6h3U6KM6h3U6Kk6h3U6KC6h3U6KDpErhxG/+6D:yrfi5oLXjprDcUyuwu2DEEfm2","tlshash":"91d3d838e80a24a3a67b4bbd82d0b8584a05f553ca134f58b6d2e199f7dedc113c7763","first_seen":"2026-01-30T09:26:23.679102Z","last_seen":"2026-03-05T14:33:04.66149Z","times_seen":2518,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-eec3e544.25d81121.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-eec3e544.25d81121.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:04:40 GMT\r\netag: W/\"69845c3b-2d13e\"\r\nexpires: Mon, 08 Feb 2027 06:04:40 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:04:40 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":184638,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65498), with no line terminators","md5":"f99e0e684bb63ba5d1dc5a2ea2d4f3fa","sha1":"2945c842d62a62c42fd2402931ee0ec33cc8e724","sha256":"1d854d3bec673b518a944213ada4b99618b9a7dc1880792d4b64d33313b3e1bc","sha512":"634a68dcf047c3b029f83d08bb3a0190f5494f73950acf60e44fdc3765cfe14e54dfd30b6d431c8d8a14a06651d2b43ae1ef89af183e19af15ab7bbd322b2e33","ssdeep":"3072:VOofIjdeTPpQw0wPSgST+yj4yBtblc1Mq7j0a1QTt8VPnsooWC:VodjtblDk+","tlshash":"9004f889b6d2f4b50aa7a0e5002f1106f23a5e49b81ad099f774d8d1edb4c4e533bf78","first_seen":"2026-01-30T09:26:23.704555Z","last_seen":"2026-02-25T10:54:23.156215Z","times_seen":1704,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"ips2.io/ws?\u0026appId=zjypgzpTZehZj322R4A2Wi6gKc3qrbW4","fqdn":"ips2.io","domain":"ips2.io","tld":"io"},"ip":{"addr":"154.64.201.199","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:37.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ips2.io","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 11 Jul 2025 00:00:00 GMT","end":"Sat, 11 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:63:DD:3C:A3:84:AB:B1:43:27:6E:D9:B7:64:07:7B:E9:31:70:2C","sha256":"D5:DF:A9:56:F9:E1:89:B9:8F:F8:DA:ED:38:78:6A:D9:10:2E:CF:24:EC:0E:3F:B6:D9:C2:A0:85:6A:8D:C3:33"}}},"request":{"raw":"GET /ws?\u0026appId=zjypgzpTZehZj322R4A2Wi6gKc3qrbW4 HTTP/1.1\r\nHost: ips2.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://www.yjedsgnx.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: sNovcUBlKbf9V5hR93fT6Q==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nConnection: upgrade\r\nDate: Sun, 08 Feb 2026 06:09:38 GMT\r\nSec-Websocket-Accept: V8XkNnxfapY6ziA+lRUj3SFw7BM=\r\nServer: openresty/1.25.3.2\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"OpenResty:1.25.3.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":2676,"timings":{"blocked":-1,"dns":872,"connect":1138,"send":0,"wait":374,"receive":0,"ssl":1148},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"ips2.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0a3529.5c4d23ba.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d0a3529.5c4d23ba.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:02 GMT\r\netag: \"69845c3b-371\"\r\nexpires: Mon, 08 Feb 2027 06:09:02 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:09:02 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 881\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":881,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (881), with no line terminators","md5":"0a3ae42df44a01557a7182f000a7cfcb","sha1":"1ab42fd4fccc139fc48e075e54b64f506f9e2f0d","sha256":"b22cd2d8ffdfe96036d9a824863f3342126a8ed17615bda1a1ca1774964bcbc3","sha512":"b2fadab7e2d28ffa1ed68abcfadf998070c75ba941c370d99990eca9502a714bd45d2ecfd0f9b4918a144d711c66a30953ae80ac2088f13eec1896b75e7f6e91","ssdeep":"","tlshash":"5d1176cdb0c1f4c48637e0a8306b329ba33f28956c0999958f95b0d67b21158a762b9f","first_seen":"2024-12-28T16:15:55.716131Z","last_seen":"2026-04-03T21:27:41.010563Z","times_seen":18226,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/register","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"GET /register HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:40 GMT\r\netag: W/\"69854a95-9f2\"\r\nlast-modified: Fri, 06 Feb 2026 01:57:41 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-length: 1572\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2546,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1576), with no line terminators","md5":"176cffe23a62de99a1eeddb2277e2b8f","sha1":"5e61528a7641db3247a7c17e14803c99746430da","sha256":"d2e36503d5766602019b1302f4642a232d4faaa51baae0a7f5b5810473c1f4f5","sha512":"65efb5cec7fd70b88c9b3bfe5218356f64bcc35bf32b4b2028692716710807348bed22ccaee349585a7485b03ed8b61d346d60d5cdc16e09c2cc0a7f33a68765","ssdeep":"","tlshash":"0851d9b76670f59e6204c2f17bad222c800a5f1e51715d71e7c108fd9ae0ba4896204b","first_seen":"2026-02-06T02:02:05.817265Z","last_seen":"2026-02-11T03:43:17.180628Z","times_seen":494,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"mj67vro.sxmhwjh.com/?6877550.html?xinghua4dpdkcl620044","fqdn":"mj67vro.sxmhwjh.com","domain":"sxmhwjh.com","tld":"com"},"ip":{"addr":"198.2.207.81","port":80,"asn":54600,"as":"PEG-SV","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-08T06:09:31.547Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?6877550.html?xinghua4dpdkcl620044 HTTP/1.1\r\nHost: mj67vro.sxmhwjh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 08 Feb 2026 06:09:31 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nETag: W/\"a40f-FwO1WS6PXkS5uDA1xKj7Dmaco+E\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.8.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":40955,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16339), with LF, NEL line terminators","md5":"8bc78d2ee4b78af2f86c2dec8797bddd","sha1":"47475fcb8e013dd0e7f1f92dd7335ecdf14e9f5a","sha256":"fb77b31bc389041c8b22a5aa2e38373bf2974e7c21da0fd51e96b0845dc7c1b7","sha512":"7896439fb16fc112b6bd0abf28e56b81223c0689ce6a4f005945fe6b48259a5177a96022628f40cfd6719e616b13f0b5e72a803a2b37daad604218ab2e93ad61","ssdeep":"768:WBQhUv1ilFrMeWpUR9eMcK0Hy2fLKnHdfcZ8OCKB:WcI1gF1Wpy9eMUsBVO5","tlshash":"dd03e77b098555232a22898c58f41b6df16353dfd722cec2a5f78de59b803d3be2064b","first_seen":"2026-02-08T06:10:02.668158Z","last_seen":"2026-02-08T06:10:02.668158Z","times_seen":1,"resource_available":false,"data":null}},"time_used":609,"timings":{"blocked":161,"dns":0,"connect":168,"send":0,"wait":183,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/chunk-1ea0fc8a.82930250.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/chunk-1ea0fc8a.82930250.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 05:59:57 GMT\r\netag: W/\"697b4cd6-35731\"\r\nexpires: Mon, 08 Feb 2027 05:59:57 GMT\r\nlast-modified: Sun, 08 Feb 2026 05:59:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":218929,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"07ed46e0b2b053177412abbbbe1db605","sha1":"3099b3c1396c6001205f3e0968a75ed7f4ba6df6","sha256":"ad34c53f3c726c7c94ccc87285add2ae5902ab7c44db7c171d5172457da6bf5a","sha512":"a69344733195225ce8384664e74de4e62b24abcce45fb50f997063041d1ce7cc73c16818ddb9d546ca76922f604bf7403259b30b20c9dad28d9cbb94271a1eef","ssdeep":"3072:7jrfi5oLXjprC7lyVgPD342+MmY+24wdnJOaXlcz2:nrfi5oLXj5WdQah","tlshash":"2324d878e80a3873a23b4b7d9290b5094909f553c6131f6876d2e16ef6caec113cb767","first_seen":"2026-01-30T09:26:23.727613Z","last_seen":"2026-02-11T03:43:17.1746Z","times_seen":1022,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/liveChatAddressOCSS","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/liveChatAddressOCSS HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: eee23ebac9eac4f442feb26db1059ad5\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: KKNxA26qhBULbBfDfNIa4WLyHvHmi8r1\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 61\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":61,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"fetchUrl\":0}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 205\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4144793aae949b984788268787a257bc","sha1":"ffbdef2da29e3e2950433f919ff36c0bd4a9cf78","sha256":"97e25ba40d0c916a4990ad341f48b395cdeaa2682bcb7bc90ca90234cffee656","sha512":"cfed7104016b79a02649cd1d63076cdeed2ab52cdad2f08bba6a1c45ebdfad98b5308ea0dfcd62a2db0d996f50ff6ead8de7721a92d86034e46c4ca0d40d5a9c","ssdeep":"","tlshash":"47d0c01a68e88603bdd371f4960fb2036130b4f27f70fd040427203d89f8118100270c","first_seen":"2025-10-13T22:42:34.736072Z","last_seen":"2026-04-03T20:42:58.797975Z","times_seen":2484,"resource_available":false,"data":null}},"time_used":407,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":407,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/img/_wms/_l/folder/brand/pc-return102-750x250.jpg_.avif?v=1770530979101","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/img/_wms/_l/folder/brand/pc-return102-750x250.jpg_.avif?v=1770530979101 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"69143221-d15f\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 12 Nov 2025 07:07:13 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 53599\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":53599,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"f9fcf03cdc7aa745e1a368ad2183df2c","sha1":"186e319d871d4af4da73bb4aa361cb65aa96eaa4","sha256":"8055b71fb93457b0739f857d6a694eb6b24f6720f79a9751cff1774bbb636c17","sha512":"fff2b9f9863ce66db1386d3a92d0f3d4d0c3e7c456483fd0480588e82a7696285988ecccf15adb051cb2a9db95b0ae1b3f616921fcbc7c365be164ff86efc9a7","ssdeep":"768:zi9TPBtEmqCaKa2Z6DoV/WJ3nkXlC5hggAvfsxsXadq5YYU90H8Jj27nX:6P3Z5aKaT73nWA5hgrfIIadq5O9w8g7X","tlshash":"0d33f27d0e917e07578faf2ed63a65bd3011c442eb15d9b594ef8f28a93c10768ce880","first_seen":"2025-12-29T13:32:32.20218Z","last_seen":"2026-02-18T07:17:14.710156Z","times_seen":3666,"resource_available":false,"data":null}},"time_used":4678,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4241,"receive":437,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/favicon.ico","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:33.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-type: image/x-icon\r\ndate: Sun, 08 Feb 2026 06:04:53 GMT\r\netag: \"68a57ec7-47e\"\r\nlast-modified: Sun, 08 Feb 2026 06:04:53 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\ncontent-length: 1150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"09834f85a56009ec341b179ac2636b08","sha1":"2624dce467abea717c6a33cd3e9527470d87c78e","sha256":"a046d5883eba49158431b8277cd8c100411aae5535dae4411c55b878426fa5ac","sha512":"cab0518045f6f3449d268f142795b637c4aa6c34b7a1f1a17f3dd0b9568cbba28b1af465f65944545dd37167862edb35c3c4dd01d23b2fe0513a3471448e01b1","ssdeep":"","tlshash":"8f210082b200c82cc0a00330c802ebfa028c8c02c8b8220b00223c8bbc320a808aaba0","first_seen":"2023-05-22T08:12:19Z","last_seen":"2026-04-03T20:42:58.889043Z","times_seen":6724,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-96005406.cdb85a82.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-96005406.cdb85a82.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:00:31 GMT\r\netag: W/\"69845c3b-4d91\"\r\nexpires: Mon, 08 Feb 2027 06:00:31 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:00:31 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19857,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (19771), with no line terminators","md5":"b8439ebded5a4601039d488ec0800cb1","sha1":"03652fd8dc3e3e4ff222812c7dd50d789e64cee6","sha256":"d4cc9c1fa1bbb8d1d0d6df043c2d8f363978c63e9a33e9dae8e4fb9629a33a3a","sha512":"0979624238d5da3795041e0f7fd1e1c39c1b9e88f63aaea4856b1c3133086351cda07a96ebb99817b1626f90a1b3a3505f21c141e143e373ad12c6809a258baa","ssdeep":"192:bBLutXUqVvXco661Gik93nS7mhmpeWy5W5mYy055memwcBS+Z8bEMWB5p+/pSVi/:bBSltcokyv0Sw8bErpip7oIgDKjVd","tlshash":"2f9243cdb6cbf86003767170402fb106b67968807c4b9a49fa54e1e37e6046da276b7b","first_seen":"2025-12-12T04:38:56.826961Z","last_seen":"2026-04-03T20:42:58.808374Z","times_seen":6324,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/queryVIPLine","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/queryVIPLine HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: ac85e53cbff59abf958b7a2d03655a74\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: uunyBYVInLZtvWCAtpLpPtsNJghejLoG\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 65\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":65,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"currency\":\"CNY\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 144\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":132,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"75717b10c01d18c343be55aafdca08f4","sha1":"a3a30d5c39ecee181f938122206f4543198eac0f","sha256":"705896c8ecb336e0856409f15ef6769f9a2f849f2017a207d7c9dc3346455ea3","sha512":"02b9ab6b0f3bca4a829c3a63704737dcf710545d144c293cc48a53531e8bf049d6153693ace269a15aa6b557bb5a01611cacf15c8a7757f10e2ab6d0031fdfcc","ssdeep":"","tlshash":"b0c02b415efcc6e295e360f4ecd73b2010707e35003064084418b12440f021d0280092","first_seen":"2025-09-26T07:38:36.267631Z","last_seen":"2026-04-03T19:29:47.19112Z","times_seen":437,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":410,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/static/_wms/_l/_data/version/versionControl.json?1770530979157","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/static/_wms/_l/_data/version/versionControl.json?1770530979157 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: W/\"69854e1e-62c\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Fri, 06 Feb 2026 02:12:46 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 1262\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1580,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (1580), with no line terminators","md5":"8a0da59cae4e8dbac2a77e07112197cb","sha1":"15af6bb94c0611807fe4b49c0964e86cbf0c55a8","sha256":"e6d927b0fe354deeac059534002ae492e9729cc5ab8899e86cb13bc7577709a7","sha512":"884c2e44e76acd6c93857229abf7f1e7c5c697774fa2f671a054eb61c2832b45365d288f22ac912caefc3e2005d943f4061544a9c554869bb0259cd37b22c03a","ssdeep":"","tlshash":"6a310a643d69bce40086b4754c65750870ee3b023bfd1c161838201bb91cda266f8d56","first_seen":"2026-02-06T02:21:00.630088Z","last_seen":"2026-02-09T03:41:05.719581Z","times_seen":276,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":414,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_1.560415b7.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_1.560415b7.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-910\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2320\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2320,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"a089f9eed959f29a64d121dc135a0b8c","sha1":"df9c8aad5a3c24bb54c0d1a9d7e879110cb607a1","sha256":"574d72e827fd42febea8b744f9f177b3ee7cac4f04905897dba28770a1ea04c4","sha512":"8eaad70076b2a1c756cdf8d47036c666ad569aa440833918a62728f2b811936c32bae6e2624330ad1bf6d1620212ab8f59d28e791963152be158ec1fcc8038e2","ssdeep":"","tlshash":"a8411990b54db2604797836fa5082ee0361b7ae4d5f7d98c19619227eb331c49029ac0","first_seen":"2025-12-29T13:32:32.203156Z","last_seen":"2026-04-03T21:27:41.002369Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":4623,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4623,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/hazard-register@2x.a808f24a.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/hazard-register@2x.a808f24a.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\netag: \"6979b950-1d162\"\r\nexpires: Mon, 08 Feb 2027 06:09:38 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 119138\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119138,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"259377d7430932721b60f167c70b55f6","sha1":"acfcba7a8105e3560926997089bb0996aa9da76e","sha256":"c78bb2510d9a0c727736d169b6bf9fe3e2b3dd0c85223cc4258b4738ad4bbc8e","sha512":"5d5701fd7d4e1ad98bbd27abf7400bb8da09291f55622a09685cd0314d5686888b1b6d8110a1f6b2a54120f7c4e406b8521fc2b2f8bd8d65b391337849e0d33a","ssdeep":"3072:hzDvgtIc09R1d1KqWd0iLyxNBA1dby9URd7q8Uq0:tXZWd0Dx6bWUf7q8Uq0","tlshash":"16c3128cd8179622a5f48f8ed5db9de9c2301953eed6c9871c531789cd36f4cc60a289","first_seen":"2025-12-29T13:32:32.218415Z","last_seen":"2026-04-03T21:27:40.96802Z","times_seen":5255,"resource_available":false,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":632,"receive":220,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0d0bab.cb4c3929.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d0d0bab.cb4c3929.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:07:14 GMT\r\netag: \"69845c3b-11e\"\r\nexpires: Mon, 08 Feb 2027 06:07:14 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:07:14 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 286\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":286,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"81888f1215e269075e2836e59416c641","sha1":"3dfe5514fab77fcc66863e0416350ddfe579ae56","sha256":"abfe652a8d79b5306640af6c84fcc499efffb37eb74f3338efe43daf80ded445","sha512":"1ca856180b5a2ae7de26efbd6ee13cb0480bd1c2836489d9c2fa553c04ace4950692ee58652008d3c8f7f70fcecbe48adb47ee37bbc0050ce4f6b9b8e6a6ac4b","ssdeep":"","tlshash":"44d0c29d7081f02808e7d9a5617fb3a77babbd842e07dc504d5490703a315ea5721acf","first_seen":"2025-04-27T22:25:38.233173Z","last_seen":"2026-04-03T21:27:40.976372Z","times_seen":18106,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-143a7152.9f7819e6.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-143a7152.9f7819e6.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:00:44 GMT\r\netag: W/\"69845c3b-4a42\"\r\nexpires: Mon, 08 Feb 2027 06:00:44 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:00:44 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19010,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (19002), with no line terminators","md5":"861d5e59d4e707f685d217adb405a291","sha1":"4f56b83bde4d00b1085043d393f98aa2f49e1c03","sha256":"44fef1002101067f099d7053f4bbae0300d209461bacea49828d32646eb6d5c0","sha512":"26b963a07489f8b358488f0c35efc27f8cd16452554d57fa38e0b92e263a07981e60ca02fa1728b9e7c3465e96c12ae8661c8340ce582e41d9dd33966c96be80","ssdeep":"192:hR7nlHVIdJsZHW42RvSjW6UlFvyk1X1ZIhMPHC+VqNQCQLfOJp3dMqDuwGyeUZ7k:hR7IdJSE0W6UWjhyHCt+yeU5o","tlshash":"d782d89db2c2f0b15aa370a5502f610bf3355d84704ad1c1d238d9e0edb89ae437bead","first_seen":"2025-11-20T02:21:21.426791Z","last_seen":"2026-03-05T02:04:20.439075Z","times_seen":9937,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/program/getCustomSetting","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/program/getCustomSetting HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 75012004558264b2f175ce3918559443\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: kXM7PLp74zxU0OXQJaPCdslGO7RS1y2W\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 58\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":58,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"flage\":1}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 188\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":176,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"107b5d3e2ca7e59a9791f7939981994c","sha1":"5654e5a86ca631df8f0085728962330d31408d86","sha256":"82b21969edde9c2dd40ff4caaf77da41ee25867469a09206f17e4fd1bb6d25e9","sha512":"b3af3cbd56b0b78d3c09fca84f6856c83123fd7994d18324f25abbcbbab646c425b78b9c8999f9a3ecfe83fb807d424869f276934c380746c6b087085def270f","ssdeep":"","tlshash":"8cc080d61c6fc6415cd741f446d1324310f4be551774984c812bf03981f812d11449b5","first_seen":"2025-09-25T13:32:47.757339Z","last_seen":"2026-04-03T14:05:30.90039Z","times_seen":1039,"resource_available":false,"data":null}},"time_used":416,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":416,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/dynamic/query","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/dynamic/query HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 28cda110accaf9a8f70896099b7a8a7e\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: iYfQFBIslW0Aqz4LLDWP0L0ZbwOR3zR4\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 76\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":76,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"bizCode\":\"REGISTER_BANNER\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 1624\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2051,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"97ae3bd0f56a97f70d490ea6ef4e4f29","sha1":"1597a97e7d9135559f01ffbbe01edbc4ae873916","sha256":"84d05812acb97533d981aa5dacb3c03deffbfa98ba00c32c6c78163771b43398","sha512":"677bdbe3e83cefdc633b1b744f3d8436111b7f206280a3386a081e9998a45a2122d3fd3b5edc294fba13fd476aab5e9094f0bf1b64e0d351d6042a0434bddab0","ssdeep":"","tlshash":"12414cf98c7a971cfbb01cf18d290f1585bd6ee1a4f8aac923cadddd48253481504cd5","first_seen":"2026-01-29T14:10:05.457862Z","last_seen":"2026-02-18T07:13:11.991524Z","times_seen":755,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/static/_wms/_l/_data/form/wms-form-headerSlot.json?e5a5459fb958ee53a681d2826449e88c","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/static/_wms/_l/_data/form/wms-form-headerSlot.json?e5a5459fb958ee53a681d2826449e88c HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: W/\"68ff0d73-998\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Mon, 27 Oct 2025 06:13:07 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 1924\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2456,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (2456), with no line terminators","md5":"c51985f533bcbdd37cd164d6f43f65ab","sha1":"06d75b77def4ea70223d416b76c7af9aa9d031d1","sha256":"fa3aac1354ad8920480c9b4e678b7afebc40f9a08b2e04108f65e457bd923d37","sha512":"e50478c2f3cee9030fc7c1f5dfb0ccb669d870b513277049c571cd3b2894f967d8d94534e3b7dafe1323baa2fe6a93ba183223aa4125707f765b8e4b84758445","ssdeep":"","tlshash":"41513de51aeb70d3304704fa2e480651de6c10cae8024917637d38c93709da568961f2","first_seen":"2025-10-27T07:31:23.486779Z","last_seen":"2026-03-16T05:25:20.700044Z","times_seen":12760,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/js/abc.js?t=1770280692925","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:33.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"GET /js/abc.js?t=1770280692925 HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:00:13 GMT\r\netag: W/\"69854a95-5b02\"\r\nlast-modified: Sun, 08 Feb 2026 06:00:13 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":23298,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (687)","md5":"aa213ed8577969e2e66d32136116731b","sha1":"cd17edcb08d8315f9d5fe88e272544918bb90800","sha256":"7c5fbc18dcbe00547752d6a798782eeee96227b40d9f7062ef7fbecadfc09be2","sha512":"e76465f6ce8ce8fcbbbec2090a4abc5b06222108db7c67193fa67fa34dafe03edc3614ecedf8baa8f6b216d15ce66eb382db1f5c8bfa883346f1ce0905fd9208","ssdeep":"384:1qhdjw5p36o3626fZlpUJ6Qpc+8XOq4FHyfLzsb+nTQgl/GPLqoRP:4vjw/KoK26fZjUDe+8XOqcSfcb+nTQgM","tlshash":"02a20e710cd3544417935b6b622fa4e8e3b609272d56ad47b82c2244afcfa1feef1570","first_seen":"2026-02-06T02:02:05.815927Z","last_seen":"2026-02-11T03:43:17.143078Z","times_seen":494,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/image-loading.f3d91b70.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/image-loading.f3d91b70.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-3053\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 12371\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12371,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"2e22162dd4d9bde2039f08d73e614e3f","sha1":"b0cd6eb6b586dc24a7d18a9e191c7056b6403bb6","sha256":"117fca3f31476279cbf99e0a1bb488986242b3813c2d8d397f2468c60f800ef1","sha512":"23921b6f1769e2371f7fa95040f62355f4631b0990bc33fed2e6d6aa23aac9c2c9ef7d25d7bc78c929a209b97b617ff024a42a896c94c81a5e0566dd2ccec673","ssdeep":"192:TIvpcs5rRMO6cUAq++ozGMSIjWyD20JZBZ9O4O5xYyJdxb5hz+rVUy3+ogJEVSsO:ep/g5loywjdKoLTOrPxXmUtXE0","tlshash":"e242cfc8766cc4bbe32c105eb119b34e6f94b1b0d230ee9493297217f43e225a9e07b5","first_seen":"2025-12-29T13:32:32.22297Z","last_seen":"2026-04-03T21:27:40.986138Z","times_seen":5338,"resource_available":false,"data":null}},"time_used":4849,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4638,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_06.1f0f51f2.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_06.1f0f51f2.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-af5\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2805\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2805,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"48b54fee67d19ab7b6f07629ff985f33","sha1":"c826070ba9352cf08ba3c321368a143dfb2867d6","sha256":"f711a698ae1c651ee93b70f05132cb33e6e94205c2cdef754eaecbc453bb9755","sha512":"0031eb73467e04ea4902539d42cd26dea6ca268506c41309646e4cf6903e5457864c89d07209abdde71a870974bd34ac27f33f750b4dc9e89ae9e60676f3bdfe","ssdeep":"","tlshash":"20512bf8e64e9640921ca44c4e5c1ff83932f1d2e656d4112b0bff2bbe3213240a02ea","first_seen":"2025-12-29T13:32:32.256012Z","last_seen":"2026-04-03T21:27:40.99478Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/remove.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:34.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/static/remove.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:03:57 GMT\r\netag: \"6979b952-7c\"\r\nexpires: Mon, 08 Feb 2027 06:03:57 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:03:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 124\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":124,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"94ed439cb8de35a91de9bdad32469b29","sha1":"ae3e44a863b6dfe4e1fc2a007cb12a6890e17a9a","sha256":"a65d0eebe0466b32a77d96350fa3d63983cbdb6d2cd7b7ae7bfc03222e7f5430","sha512":"6b9206d6203b2e75f4883c2bfc79cc7c0020855c5e7c68c84ca87d924feff1f10275178174f08d4a98e7ab908a5e024af483e08384c3c8b44210372ecc500fcd","ssdeep":"","tlshash":"0eb092ba3241c66556c62f72a426a20c7fe930136c0ad07053040471d420eda10f7edb","first_seen":"2024-06-10T01:44:34Z","last_seen":"2026-04-03T20:42:58.849895Z","times_seen":13505,"resource_available":true,"data":null}},"time_used":1289,"timings":{"blocked":445,"dns":4,"connect":219,"send":0,"wait":391,"receive":0,"ssl":227},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d0f0692.d133ba28.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d0f0692.d133ba28.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:03:38 GMT\r\netag: W/\"69845c3b-107a\"\r\nexpires: Mon, 08 Feb 2027 06:03:38 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:03:38 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1011\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4218,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4218), with no line terminators","md5":"bdd0c7a665400d7d85f52220b49e2158","sha1":"181c07b03ec182a9ca7be4c7c1ce4aa340eccf24","sha256":"9a0bfde4cdac09bbd966cdf2f175686e833952339cc1117ea61aa7a0bd5d52e4","sha512":"73f146cf75df0c4553c35ccfba04f1faf010befb92a482d13e9c150610174693e63b9b9bae6c764874cc3e0b849ca1e1f122dc01857dd87af02d0c8cb364cf89","ssdeep":"48:lD/rF5jQ9VcKRlWdV1HwiTGWiC3DQVUbBubKDeAOnRenMERUuTFHMllxbXxK/ebM:Ro9VcCa5FYKJatULxkfNmb","tlshash":"d991e88db1c2f6940737a1b4c0bf219be77e2ce1784a96508e91b0e17e24165b773a1b","first_seen":"2025-02-20T10:16:23.066778Z","last_seen":"2026-04-03T21:27:41.010075Z","times_seen":18323,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/sysdate","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:37.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/sysdate HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: efd9a8b87663983b4bea912773c16f72\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: 6FYJuxo127LnhDniZNQrmTqkBS6h2HvT\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 48\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:37 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 264\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":259,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4971d65303be357b74ff56eef0dc5bba","sha1":"d18264e90e5e157bd723782f0a6c1dd9a6943d9b","sha256":"39ce4420d8aacfae0b47946cae856056e1cc817d53e0d4c54dbea0f7f4ded610","sha512":"257b30a9eaf32c1c749c3ea4fba6c579292633084946908f8d0d16c28f9604b17dc702d6e3d2b11662d34c3fed0f3745808a33ffb3404fabbd0df9f245362346","ssdeep":"","tlshash":"28d0954429bffbc15df5116492902fdb003076373cbd324c53079e2dace65055441544","first_seen":"2026-02-08T06:10:02.692521Z","last_seen":"2026-02-08T06:10:02.692521Z","times_seen":1,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":402,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_02.ba904d04.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_02.ba904d04.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-9b5\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2485\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2485,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"65f021d5878e137838c38200bd68dfbd","sha1":"621852a670c3a895a97c311da892883b2a85923f","sha256":"7eca4898383b41b8d29368f91ca38b257fffd7a87157ce088fc7cda6164ef8d7","sha512":"45dc14f20553a00210e9befaf002883394c68f3b3227c3f9e2c1884f7c1ba10edca38cb079c95a22915a7e5cb09dca5c2967f882cfd592948cf53288714f2ce9","ssdeep":"","tlshash":"12510a46427e5b7193548f2c9888de594ecb7a07da53db253453a27bc63900914ec7c8","first_seen":"2025-12-29T13:32:32.214427Z","last_seen":"2026-04-03T21:27:41.016553Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":4599,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4599,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/icon-promo-center.f50a467c.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/icon-promo-center.f50a467c.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-48d\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 1165\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1165,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"adb08ee6ece8f7c4a22863808c8b7494","sha1":"bc66fdc333573ceea36a1b37ebf8d71238b86824","sha256":"095151612f20eafd03055a8bbe254677980c80054a102ddd8fbbf7f3a58bced5","sha512":"9895a819f1d1ee860115f132537d666bb321abc1cfd8f610cfbecc31c722ef40dbf249caf2a09aed408a2dd69308b87ac529cebc8fb5208f51b36b5d1b3ea09c","ssdeep":"","tlshash":"4421b69ced2ed3a5033a224d5d8c722250885b96d3f6db4c1e9b487acd3161608ecac4","first_seen":"2025-12-29T13:32:32.23051Z","last_seen":"2026-04-03T21:27:41.005193Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/js/news.js?0.07237406227628829","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:33.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"GET /js/news.js?0.07237406227628829 HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/?palcode=1017659939\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:33 GMT\r\netag: W/\"68e47548-36b8\"\r\nlast-modified: Tue, 07 Oct 2025 02:04:56 GMT\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":14008,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"973741c799383e7ec2a1240f291b74f9","sha1":"5072708f9579918b1ac307a1cc32a5dccdb39cb4","sha256":"5dfa1a006dc84137e102aa9143f8ebce25ea3c47f77f6b7fea9387b7df73d492","sha512":"b3edc04151ecd5414e74bdc0071d14157f256d2df61570f28c5857fc346a08a129c216b7e95783f2d37ed7f93248c02584ac348840beb77423059f43fa32dd5f","ssdeep":"384:682v44a41FyDJLFY9BoHUCS9UZuA9n4/LpalQ:pxON2YA9n4DpZ","tlshash":"6e524b3b632dabde180906ea0b058018780c2faf58336b54fff395ad20ec9564b7596d","first_seen":"2025-10-07T13:03:07.37578Z","last_seen":"2026-04-03T20:42:58.816052Z","times_seen":16921,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/3s_web_detect.js?product=344a78\u0026module=frontend_new\u0026v=20250507","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:34.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/static/3s_web_detect.js?product=344a78\u0026module=frontend_new\u0026v=20250507 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:01:18 GMT\r\netag: W/\"6979b952-b2b6\"\r\nexpires: Mon, 08 Feb 2027 06:01:18 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:01:18 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45750,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (45683)","md5":"6d14ddc3e8bc1dc79357b74159f71f04","sha1":"12df5570db8c8deb75256ec7aa78c50955bf8a41","sha256":"8b252c8fec657c4596fdc851ccfdeb8ed1c9b2433f19f63d643eb1d0275d669c","sha512":"6fc44d271e892bba6d48fe9ddbdde790bb336538f7e5925e00954a832530727524285dc7132da036117e2dc27424be78f740ea87192664c3ce1d64d87f3f0ba5","ssdeep":"768:N52s3s7wTspsksLhsN5AOzYGwDgWRb/AM07OTQpzfxe5qefL:NsojTQp2hIUgWp/AM07Tfxe5x","tlshash":"b7232a9d718a7075437366e9273ff208b0766aa0240e8400bb7695853c74e5be27bfed","first_seen":"2025-04-27T22:25:38.185365Z","last_seen":"2026-04-03T21:27:40.976937Z","times_seen":18509,"resource_available":true,"data":null}},"time_used":1276,"timings":{"blocked":430,"dns":1,"connect":211,"send":0,"wait":413,"receive":0,"ssl":219},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-74598ce2.6a362893.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:37.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-74598ce2.6a362893.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:05:34 GMT\r\netag: \"69845c3b-2e9\"\r\nexpires: Mon, 08 Feb 2027 06:05:34 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:05:34 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 745\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":745,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (745), with no line terminators","md5":"055d4d35afef91473e347b39bc038786","sha1":"091d82536c19bf49ee14c8171471e9a12cae5947","sha256":"310fd4fd18bef0f3f8d20ae1a56fa560b3e29692742106c7f92443f336a38443","sha512":"efe18abe9661e52b7692b949d102f254aaa76a0e3c2166063d611773e3441c365ab7f36904642f3685498ce7100d1d1590509a86867331f200d424fd6f630bb5","ssdeep":"","tlshash":"13016dad7281e0d04fd690a0c077a3aff6aea9a07d49d32089a1e0e137105eb6123a47","first_seen":"2024-12-14T05:41:20.950845Z","last_seen":"2026-04-03T21:27:41.005702Z","times_seen":18287,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/z6icon.9aa7ca97.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/z6icon.9aa7ca97.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b951-1316\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:57 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 4886\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4886,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"669b71d0c57206860439b18f1c5a57bb","sha1":"03cae7046c9702a7d5324ad5a1f9b78b8faa59c4","sha256":"ab12cee092d44f961cd751cda3bf40a424f1a72572c515c2011d198ef5078c9a","sha512":"aef2a92628de6c83afd0a38e93959ec124790e5e927ccdd84e9d4b53290f024307617cd31906264797fc4c41c3d3d0d0814c647d6af6d6532917985f519bf1b9","ssdeep":"96:liZu0akLItvIa9/httspZAR7TbH+Dh1gH8kFaZQ/FgakMwFi5:iakLIOa9Hts3cbeXgHRmsgakfFi5","tlshash":"21a16dce910c12d292bd937e8408b374ea95be0cce74d748624b45b61a38d245e9d699","first_seen":"2025-12-29T13:32:32.226906Z","last_seen":"2026-04-03T21:27:41.004184Z","times_seen":5226,"resource_available":false,"data":null}},"time_used":4406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4405,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/icon-vip.57b3849a.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/icon-vip.57b3849a.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-4d5\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 1237\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1237,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"cc7698c072ef40aeca484d0d0a840493","sha1":"c474f56ad4282811cbc991b1803edbaa9886c48d","sha256":"aeb7101bc1943ee4f5caf9a82aa101f9d3f4506fcdd802f6ec5dc2fa72b76a3c","sha512":"fb9b31717dddae29730e14bfe5c5e3ae9d6e4870a38bc525c76912bf3e7d0e04edaa345caf13c506dcaed8e28ce21a4f66ec36c1aa314aa7bea30bacf0cdd75b","ssdeep":"","tlshash":"2421a75cd46ce60546ca014d290f6560a45822ddff75e24d7b0a48fb9f37c1860fc9ce","first_seen":"2025-12-29T13:32:32.241488Z","last_seen":"2026-04-03T21:27:41.011091Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-vendors.cfb3c532.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:34.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-vendors.cfb3c532.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:03:34 GMT\r\netag: W/\"69845c3b-11fb33\"\r\nexpires: Mon, 08 Feb 2027 06:03:34 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:03:34 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1178419,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"80bb2943d14814390f07e29ba65491e1","sha1":"d260e223d430a658077da60147bb718516a2e280","sha256":"9fac6b3843cab059776109fa39464bba8e377fe6ede2e1e1b3d9dc82e09fad60","sha512":"89886e49c59f05b0d6a96ef415603ba2a0923bf04245a09d53d5b55f82a7bb67720ecee1768c7e0655ebeaa100f7ff9653f76a9f2ee7f1db5903e1c50eceb47e","ssdeep":"6144:/5nuu4mK4Ua8v7/0hvCNvmsnbZx6+4RnsMbT73ZJfaKKYbmw+Cn:/j4mKS8v4hvamsnbZx61RnsMT1b3","tlshash":"f6250a84b7a4b02247ab39a4006f504ff27ab72d684b44acf265d4f5bcb894d553bf38","first_seen":"2026-01-30T09:26:23.697036Z","last_seen":"2026-04-03T21:27:40.98533Z","times_seen":2966,"resource_available":false,"data":null}},"time_used":1496,"timings":{"blocked":450,"dns":11,"connect":218,"send":0,"wait":589,"receive":0,"ssl":226},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/externals/img/_wms/_l/folder/brand/PC-JPsecond-reg-750x250.jpg_.avif?v=1770530979100","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/externals/img/_wms/_l/folder/brand/PC-JPsecond-reg-750x250.jpg_.avif?v=1770530979100 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"697adaa8-131f0\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Thu, 29 Jan 2026 03:57:28 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 78320\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78320,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"c64e60dfe15781cd2f417c5c9737c3f4","sha1":"7c5b1c3b55be4ca501cea076f9a337d4b3973cc0","sha256":"6c3500ce19940cce70f339b12e60fd9036f723a421dd5878809ce2cd241c36df","sha512":"6616b0f668f2d8b76d4b193d166fdf175f87c93f90075b0ed8512dded851eac0cd806903057ee61d78659c2711133bc7dedcfeea60d8349831c756037d3fe28e","ssdeep":"1536:DXUoI1f7gLrkO2gQWxn4zvOKpJP2XNkyFsDnWzq62thXyqV0A3wpw1:YoA0PHZezvOAS8nWm66hXyC5","tlshash":"307302b38c71b85871ad28df259a46105baf1c8cd056d011336ea873a47eb9f39fde42","first_seen":"2026-01-29T13:25:43.827474Z","last_seen":"2026-03-11T03:04:25.87205Z","times_seen":2600,"resource_available":false,"data":null}},"time_used":4691,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4467,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-218c9962.34976e74.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-218c9962.34976e74.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:01:39 GMT\r\netag: W/\"69845c3b-2149f\"\r\nexpires: Mon, 08 Feb 2027 06:01:39 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:01:39 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":136351,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bc1de173df03e26bfc6bd8fd052ed56f","sha1":"9745b1461cdc35b85abfeac7cb103707409e61db","sha256":"95ba2598a70e9252ec1aaaf789ab379b909562e1d6de3f015d7bc12492a9a48c","sha512":"4735b3b548a003d5d67c5c6399349a26ac815c61ecaf322ab469c0a512e83a800bf87a4263552f08a09821f1cf4f86b3d9291237c442799bdc09627f417099a9","ssdeep":"3072:pXVNfYSq8kyb46d9G4qQ/WmfH76LZL+kkIZJSB:pnfxkybDG4qQ/WmfH76LZL+kkI7SB","tlshash":"68d30889b31071a591e72256539e810263b35855b90ad0e431b6c8dbacbdd9c03ffffa","first_seen":"2023-03-07T12:21:20Z","last_seen":"2026-04-03T21:27:40.99113Z","times_seen":18457,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_3.786a6ae2.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_3.786a6ae2.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-b63\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2915\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2915,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"d381d66ffd3ef8672dc2ff81dc6f241a","sha1":"fa2a8e334b6dd5540f488d5a9ab807716970fa11","sha256":"d3d69526c24f699aef9c1dac7ad186d510804886dae3ef0d9bc6520ca129ca2f","sha512":"c5d4a8786085b714e95d562f3a5a326f1a0a3f45e66569d5eba4d215f857a012667b18ff397ff3390cda0288e2645cfa4139fc201fb7639533656d61df8042da","ssdeep":"","tlshash":"86511b44b93c532b43cb671da15ba512d0587145c85afa08d7cf9f7baf385c024cd997","first_seen":"2025-12-29T13:32:32.23509Z","last_seen":"2026-04-03T21:27:41.016022Z","times_seen":5226,"resource_available":false,"data":null}},"time_used":4843,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4842,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/static/cdn_test.jpg?1770530973862","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:33.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/static/cdn_test.jpg?1770530973862 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/jpeg\r\ndate: Sun, 08 Feb 2026 06:09:34 GMT\r\netag: \"6979b952-1b\"\r\nexpires: Mon, 08 Feb 2027 06:09:34 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:58 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: UPDATING\r\ncontent-length: 27\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27,"size_decoded":0,"mime_type":"image/jpeg","magic":"GIF image data, version 89a, 1 x 1","md5":"6a43099d5c8fe991a7aa7ebaca53069d","sha1":"5bce2f0d57305c58c7b05bfce29ebb39a18f5570","sha256":"3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1","sha512":"b82c6aa1ae927ade5fadbbab478cfaef26d21c1ac441f48e69cfc04cdb779b1e46d7668b4368b933213276068e52f9060228907720492a70fd9bc897191ee77c","ssdeep":"","tlshash":"e2800003c2a08000c380c0300808020023808820020a030aa08c00c8ac2aab00c00000","first_seen":"2023-04-05T15:47:46Z","last_seen":"2026-04-03T21:27:40.972045Z","times_seen":20373,"resource_available":true,"data":null}},"time_used":1151,"timings":{"blocked":465,"dns":1,"connect":216,"send":0,"wait":220,"receive":0,"ssl":245},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/2024-logo-banner-2.b87e4505.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/2024-logo-banner-2.b87e4505.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b94f-a1c8\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:55 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 41416\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":41416,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"3720b72c144df9109e00f564e36a7b32","sha1":"021f7a072cd83f5c0af8f22207cec530755ad55b","sha256":"fef20f20e0b90ef1d0303f1f6aeb39aef7187ffcfa5f3fffcfa0f77013c018cb","sha512":"18c744df58abe9cc3b7c1e4cf57141e7848d4064b41a445d80672b272ac3ff862efff82e3249b9d48b5321ceb1cdbe7d8533efb9f0947c5ba36803f8350dfdfc","ssdeep":"768:dfArnISClCafuJjRbZ+MGkhLDQnefJm0tz4OwhWo1HHEKNfg:RAbI1CaWxNnbnfhz71WkKq","tlshash":"e703f10c9c9f2a157494939dea0e3c97accc7e26faf2c9645055ae568770abc1c2c3f4","first_seen":"2025-12-29T13:32:32.223825Z","last_seen":"2026-04-03T21:27:41.019369Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":617,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":405,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/index_01.459fa8ed.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/index_01.459fa8ed.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-9f6\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 2550\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2550,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"15a50389f0b504579c3201a8f64b667e","sha1":"fa7f2b6df2db13b072953d8f61084761750723dd","sha256":"5b3b38691e2e119a61e8a141cd403e171d1e89cb64c40580f7f4d6e011d32599","sha512":"e27b0c1ac1aeedadc40c22d28a0b7af69ee31b86ddac3a29b326b8a00a12957e16bd1a24e335a82ac7753692d0d1494520ef50eecf96220f2699a43d0879fbe5","ssdeep":"","tlshash":"25517d60ff6af395ef1e000d488827a2519eb450eaf7c71b0a4758ffcb390015205ae5","first_seen":"2025-12-29T13:32:32.243592Z","last_seen":"2026-04-03T21:27:40.998588Z","times_seen":5225,"resource_available":false,"data":null}},"time_used":4829,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4829,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/icon-du.807d209b.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/icon-du.807d209b.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"6979b950-6cd\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 1741\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1741,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"3280d493a54ce9bba59c37a3e3686429","sha1":"4a7aacd3bdf6857e327c231d52d84f2f96a99b88","sha256":"a3455cca2a56b186cff00cc72787b425c5fa1730e001a232a986b6de568c86c3","sha512":"a040b9015d7196d99bf37a57fe6a8afd9fb1e75cd7e1ebd338f58b96e3728744a4aab8620cef55b86ecaaf2a4e37d076ffeb32297e412854ad6028f259e7b490","ssdeep":"","tlshash":"6d31f8c5e209d73c830b445dc808db5228886241fb89f2a07d7ecba9eb739028b4c2e4","first_seen":"2025-12-29T13:32:32.216165Z","last_seen":"2026-04-03T21:27:40.98668Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3s.hqvai.com/api/v1/stats/collect","fqdn":"3s.hqvai.com","domain":"hqvai.com","tld":"com"},"ip":{"addr":"38.182.202.2","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:44.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.hqvai.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 24 Sep 2025 00:00:00 GMT","end":"Thu, 24 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:1E:74:31:EC:AC:CD:B1:2E:D8:AD:43:C6:EC:9C:C7:F3:AF:C8:FB","sha256":"D8:13:B1:71:B8:7C:BE:95:8D:73:43:F3:CC:AF:7C:31:F3:AA:B9:C6:3B:08:81:A1:3D:B6:A1:A3:45:B3:3A:37"}}},"request":{"raw":"OPTIONS /api/v1/stats/collect HTTP/1.1\r\nHost: 3s.hqvai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: x-requested-with\r\nReferer: https://www.yjedsgnx.com/\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 502 Bad Gateway\r\ndate: Sun, 08 Feb 2026 06:09:48 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":4153,"timings":{"blocked":465,"dns":0,"connect":218,"send":0,"wait":3223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-2d22c4f1.58ef3486.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:37.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-2d22c4f1.58ef3486.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:06:54 GMT\r\netag: \"69845c3b-f6\"\r\nexpires: Mon, 08 Feb 2027 06:06:54 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:06:54 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: HIT, policy, disk\r\ncontent-length: 246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":246,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"166690ac780d03f8314a059f428a604c","sha1":"55242f5db60e06a61d4a798faa2bc14a94fa6277","sha256":"c2e827497b807a6b5ef6a5fd659b8890dde8ab13b04999aa2d6d9b6cfabdd9d5","sha512":"91ccad9b65336dfa6fd1e42529e0aac0d0e3d5fe7b4d339ffb2cd5e4a7905f1f2a5b645825aa30a56a7f3cadc782e95069b1d66c0b676e952885415cd2d9243c","ssdeep":"","tlshash":"52d02eae3041f420197ea5d410af33b6e2af34942ee914240ee0e4e03a618cc643164b","first_seen":"2025-04-27T22:25:38.207325Z","last_seen":"2026-04-03T21:27:41.00024Z","times_seen":18246,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_live/public/live/room/getRoomList","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_live/public/live/room/getRoomList HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: 6d05fbdaee9858d629d303666523ee0d\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\nproductId: PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\r\nqid: Cxwv04Z2D9ZvRU39l6ecY7todK5ojBcu\r\ntime: 1770530979160\r\nX-WEBSITE-CODE: pc\r\nContent-Length: 59\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":59,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"isLive\":1}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: https://www.yjedsgnx.com, *\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\nexpires: 0\r\nmagic_string: 178aa526b36126fd25b8d3446d0c1d25\r\npragma: no-cache\r\nserver: openresty\r\nservers: Tengine/1.15.1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 976\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1795,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"7c57062c3951f52776b655cfeb54b793","sha1":"16f977124f01dd7b50e437e60dc742989487493d","sha256":"cfaa40d44b21b47e92338fb8d020d6ad144495cda904adb3b5368802d1a58386","sha512":"bba5a391104fd39b8e3c89476d9e24867fa55b716ce2aae22994f34a087ef5267d0785fb3115a696af1009811e195b823469c4b29859ea49c965ab9ed6b870db","ssdeep":"","tlshash":"af31009a56764dbee70764a340ce7f8e42dd276b28808fb8e69fcf1d40f44b90212526","first_seen":"2026-02-08T06:10:02.717585Z","last_seen":"2026-02-08T06:10:02.717585Z","times_seen":1,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":433,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.yjedsgnx.com/_glaxy_344a78_/program/getSettingGroup","fqdn":"www.yjedsgnx.com","domain":"yjedsgnx.com","tld":"com"},"ip":{"addr":"154.38.214.88","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:37.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yjedsgnx.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Dec 2025 00:00:00 GMT","end":"Sun, 08 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:C7:7A:92:FE:37:4F:52:EB:49:AE:24:0C:21:90:E3:2E:89:22:31","sha256":"6D:DE:1C:4F:42:38:39:06:F4:08:77:AF:17:25:BF:DE:E8:E3:63:40:D9:7E:78:FB:CD:63:E7:C6:B4:C7:47:C8"}}},"request":{"raw":"POST /_glaxy_344a78_/program/getSettingGroup HTTP/1.1\r\nHost: www.yjedsgnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nappId: zjypgzpTZehZj322R4A2Wi6gKc3qrbW4\r\nsign: d517fa41ceb0d251ddcbb8a979b6287d\r\nneedEncrypt: 1\r\ntoken: 6sNvgv4wu0LMxWFnXNx/tePcAZrwyUizQThpg49KSr49vb7M8ZdeHRfItikUmF1VpxQ/d5asYkxcRkakuC3iX3Jojk+O044/dTjxJSiKtjrKeNV6Wm3pjg==\r\ndeviceId: faed01b113cfb270c624ee1aa793ad6c\r\nqid: g9KCZTAANrqFC32ulytPUHCDJCOTtFOv\r\nv: 1.0.0\r\ndomainName: www.yjedsgnx.com\r\nContent-Length: 70\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/register\r\nCookie: rfCode=\"1017659939:1770530977:10080\"; _ga_8FRE3KY7VN=GS2.1.s1770530977$o1$g0$t1770530977$j60$l0$h0; _ga=GA1.1.1039285371.1770530977; deviceid=N6LkRCORVRlA4gR8lG+tUUL+kHsgx9XCrl8hKmyJWvHpPoVhBlTvfi8EVGfyTLS3BYRtUfPbNQGn6UjQ1sTwtfWu7Luiz+axIrT3tCpquoTmfvkeVpcD1t7YNqxEVZ/HotKsYAZ+1QzuO7kpI4agUKfcqcRs64I3zLvijcvSzLM=; JSESSIONID=B2CE4C8BF5748B70FF211DE0A3530DE5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":70,"data":"{\"productId\":\"PCHas53duTI4rGn45WSWRM2Dnv0XWvxc\",\"group\":\"REGIEST_SET\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-method: *\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\nserver: openresty\r\nvary: Accept-Encoding\r\ncontent-length: 512\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a39f3454516718c8a67c840b7b45f94b","sha1":"95254ac4df844cd9c7cf61c5af10b887ab6962f9","sha256":"22e2c5aa90aa8d99e9db9c41406a18f47f4837101e3e93390add037e9eab1242","sha512":"fc893d5edcff7cb8b5799fab87f930c8f1a39449a0abe1903ca013eb7d326d4f67b4ed0ec6f3cde1685b9db3842120c50c9e6503ec622370a3cb12a2ecfe4519","ssdeep":"","tlshash":"25f04103296ee2f0c68582f1cb16217627607fa5d0a41d1d93ade00712a9b00e284062","first_seen":"2025-09-25T08:50:38.14993Z","last_seen":"2026-04-03T18:06:02.891425Z","times_seen":732,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-07","alert":"Sinkholed","trigger":"www.yjedsgnx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-24dd02d3.714d06f2.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-24dd02d3.714d06f2.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:02:24 GMT\r\netag: W/\"69845c3b-bf5\"\r\nexpires: Mon, 08 Feb 2027 06:02:24 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:02:24 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1080\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3061,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3061), with no line terminators","md5":"8c5d4db2eb8bce648ef88c2d779142d8","sha1":"83d3c793ca0a7b4422ad14aa7c6ebebb6aef6263","sha256":"0a8d3ea31265201d3822648c6ef2d38287663a83ce22e9030d00a2c4918fba86","sha512":"78e58239c9b0b731eacc7cb1d28879bfe37cec97cd0770e0e63482ecde1c8641b1d1d0978712ecd07b193986356384c57cbe311a6371a82d1d499df7e8ed7cb5","ssdeep":"","tlshash":"8651a6ac35d3f6765776b67de0271249b3996d95240e5d12eb18f8c2b300c1ae2323d5","first_seen":"2025-10-03T04:20:57.632354Z","last_seen":"2026-03-05T02:04:20.441783Z","times_seen":16191,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/icon-mission-center.e787dfe3.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/icon-mission-center.e787dfe3.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:43 GMT\r\netag: \"6979b950-43c\"\r\nexpires: Mon, 08 Feb 2027 06:09:43 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:56 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 1084\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1084,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"ae05f4208e8b3587a843763516c3a417","sha1":"5564515de9f964dd8d6b017e0cbbe772d3caa1a9","sha256":"a9e94063e20f4f9c96658474932ee780e4673c43cb4d635813b07150e0a7c099","sha512":"657d1244e105e403f9d7ec6c71ea7b061094415117213b26d9de5989af0ed495f91a6039bb0b601386026e5334b7cc7bb1a215d4fc6410b9cd1178d5f931000f","ssdeep":"","tlshash":"3111a8165428c309cfb51a4c046cebba7012564ff3d2e4bd254685e7c5324ab49eefc6","first_seen":"2025-12-29T13:32:32.240478Z","last_seen":"2026-04-03T21:27:40.979643Z","times_seen":5222,"resource_available":false,"data":null}},"time_used":4161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/js/chunk-a9c7c5c2.13f6887d.js","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:36.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/js/chunk-a9c7c5c2.13f6887d.js HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 08 Feb 2026 06:05:08 GMT\r\netag: W/\"69845c3b-325a\"\r\nexpires: Mon, 08 Feb 2027 06:05:08 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:05:08 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3963\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12890,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12716), with no line terminators","md5":"840fcfac4787230525796bb8d2a1b0a0","sha1":"2725a9c5bfb86bd2bcce36ff1795f2b0e6ca04f2","sha256":"012967ed7ffa710ca13c29f6a5a8cdf387117a649ef4da2fa457edb6f7a6d3e6","sha512":"dff797a96127b4db4901396c99ebab3c6fcac68e0d04e35fef82ccdbe188f73559fdc9c92d2dff13abab73fbc8d8dba28952822240f1ac237114836164e0734c","ssdeep":"192:ELSBzM03RDZG2PB1BxVTHKnA3NgpckeXtXgpY7zREgtk4EC1H1BxU:E4M0hDZR7bdustw14XVM","tlshash":"6a42d86cb186f172cdbbb2e3684f1595e3a61a4c480484cdb970eec65dd8e44632af3d","first_seen":"2025-12-12T04:38:56.876673Z","last_seen":"2026-03-05T02:04:20.456908Z","times_seen":5369,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/background.4c381bf6.png_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:38.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/background.4c381bf6.png_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:38 GMT\r\netag: \"6979b94f-50f3\"\r\nexpires: Mon, 08 Feb 2027 06:09:38 GMT\r\nlast-modified: Wed, 28 Jan 2026 07:22:55 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 20723\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":20723,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"f476b99f031be6295e1817fa8be8c58f","sha1":"11c56e23b41380d97b2b2c85ae668e2219340aff","sha256":"0da6f8ea36c5a9b9f43d9b54fedd44aaf5503307f45fb744eead36774c5be881","sha512":"1cb8d51477b2bb4bf653852925240642cb11c2d5b3472aac1c6a2beba6c5be74b43d616a5ad1dafe3118e16eb2c5192b97efc7d893a4eedf63dbba28c9be5a25","ssdeep":"384:z0rCMxdTBXq4N1crnk3CZL0AGF2o4DPp8eLY4tKfqRnIhFu3I:zQdz1GnkpGP5LY4tKiRnYA4","tlshash":"8c92d03078cbefb445466e1d540aac9160d4910dd39fe06cfbe7428ca878f0a9da29df","first_seen":"2025-12-29T13:32:32.209906Z","last_seen":"2026-04-03T21:27:41.008584Z","times_seen":5257,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":415,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/img/newyar2026.0965e29a.jpg_.avif?v=20260201","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:39.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/img/newyar2026.0965e29a.jpg_.avif?v=20260201 HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.yjedsgnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-type: image/avif\r\ndate: Sun, 08 Feb 2026 06:09:39 GMT\r\netag: \"697b389f-6c75\"\r\nexpires: Mon, 08 Feb 2027 06:09:39 GMT\r\nlast-modified: Thu, 29 Jan 2026 10:38:23 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nx-cache: BYPASS\r\ncontent-length: 27765\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":27765,"size_decoded":0,"mime_type":"image/avif","magic":"data","md5":"c123c89113c452ef0736d2c137227c9c","sha1":"9ad63afdc317e138c12d7cf0f5d30351313454ba","sha256":"c772456f98209a2787957d998f307494a2bc96badaf05411f4a8b40106913e10","sha512":"3fddefd06e3bcc18d360f78365c02df139fb2d6e176dda9476837295deefe206d491ea33f8291c454f1bcb719a7a35850ab44cf9892e99edf8102d136515f66b","ssdeep":"768:YCEm++qBYnCXLRV2a9Yb8GY8XNuauzMEWwZru8GzQuugXXi1xIKS1M8:mCnCXLaoYbR0ME3Z3xgXS1xIT1M8","tlshash":"7fc2e14bd1518db72d72d82c80e8f48534bd49eddebbc21e64659ca48dfd30440cac3a","first_seen":"2026-01-30T09:26:23.741229Z","last_seen":"2026-04-03T21:27:40.999167Z","times_seen":3252,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"best34478-go66.kwarmirtile.com/cdn/344a78FW2/assets/css/app.f4836001.css","fqdn":"best34478-go66.kwarmirtile.com","domain":"kwarmirtile.com","tld":"com"},"ip":{"addr":"205.198.109.125","port":443,"asn":140570,"as":"Hong Kong Beecloud System Technology Services Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.yjedsgnx.com/?palcode=1017659939","date":"2026-02-08T06:09:34.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kwarmirtile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:0D:2B:7E:9F:9C:57:92:94:B7:B3:E4:88:73:A5:DF:98:A3:5C:2B","sha256":"85:61:10:29:9B:DE:1D:C5:56:6A:C1:AF:33:4E:01:68:1E:3A:74:01:C0:B2:87:A5:BD:FA:78:05:AD:9F:05:E5"}}},"request":{"raw":"GET /cdn/344a78FW2/assets/css/app.f4836001.css HTTP/1.1\r\nHost: best34478-go66.kwarmirtile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.yjedsgnx.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 08 Feb 2026 06:09:21 GMT\r\netag: W/\"6980943f-19538\"\r\nexpires: Mon, 08 Feb 2027 06:09:21 GMT\r\nlast-modified: Sun, 08 Feb 2026 06:09:22 GMT\r\nserver: openresty\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103736,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d1d04344d6c59108f8b91918523c702a","sha1":"efa4b98616b924dfde00afdfce9f318d2088f8ba","sha256":"0416d0acf01a3585f0fa832e6120f8d728e5ff3908e2bb6b052b358b5135c614","sha512":"9d3305232c761b402cbcd0e2a01300a59cded8739753b82fc5ce7542937bf132f37413805d34a790e0ea88f78312796b8a530d5f4ebec170c9ba6ab4dd5f7038","ssdeep":"1536:p6h3U6Kh6h3U6Kre6h3U6KzvmksJ/jLXOn2O:pRbejBsJ3XOnN","tlshash":"aea352b7f081258c9317ca1993c07bbd496fe062d6624eeab447773987c6ac207e251f","first_seen":"2026-02-06T02:02:05.84621Z","last_seen":"2026-03-05T14:33:04.659934Z","times_seen":1996,"resource_available":false,"data":null}},"time_used":1063,"timings":{"blocked":426,"dns":3,"connect":208,"send":0,"wait":207,"receive":0,"ssl":216},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"best34478-go66.kwarmirtile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}