{"report_id":"25011582-08bb-4eec-8c3c-c7b7afa23146","version":6,"status":"done","tags":[],"date":"2026-03-15T12:44:51Z","url":{"schema":"http","addr":"kahchejs.com","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"kahchejs.com/","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"title":"kahchejs.com","dom":{"size":66157,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (16879)","md5":"44262ac788195b9dc37060b1066650fc","sha1":"43889e599fe07d62f56bd453d18b2c6f724834f3","sha256":"7c9638784e8a17356a290b99b81b6922e4b1c6ae5eee27d2f7157334f9162b70","sha512":"137df2e028fa6094810f8493b5163c3d18a891a98482cadc154752184eff1b5e273f06481211c474cc9a7fd628ede0508add4bbdd06b0a70ff43997ac8b9c90b","ssdeep":"1536:NtQclkJ5ypez1nT8rdRZobXemlUVuXwamsgwvC0N:NtQclkJ0ddRZobXemlUVugamsgwvC0N","tlshash":"a25396a057b448f5797f833b9e44a2189127e902ca4577e1f0f3d294758cea60ae3b0f","dom_hash":"domhashe0f98f326435a8a51c86228485ab6fc9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kahchejs.com","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-19T12:44:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-15","alert":"Phishing Block","trigger":"kahchejs.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"kahchejs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"kahchejs.com","ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-15T12:44:52.071318Z","last_seen":"2026-03-15T12:44:52.071318Z","alert_count":12,"request_count":6,"received_data":188727,"sent_data":2964,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kahchejs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-05-30T12:02:23.58718Z","times_seen":249456,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/wp-block-template-skip-link-js-after","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f279961230619878c574a458fca127c","sha1":"32af32ef186854776d57016b3174acc10ede2cf5","sha256":"b6da7b4877d58bb7173fc6d74d278892ef52f3ad0dd60a4048e7f6e37ffd2aba","sha512":"4e6e3bfb6b8bab59caef7df22af7257ae18fb84913ff289b7cf2c0b173cc71f10d26576b5382098f38fac88dbb5fd6a8998f8fb263e18903b0d2063b814557a1","ssdeep":"","tlshash":"fa2195c4f21506f401662a39c4341bc9e2b92998f6db1ca7cc0c8c2cb1b256f46b6f7e","size":1402,"data":"","first_seen":"2025-12-10T11:14:54.891915Z","last_seen":"2026-05-20T13:25:43.002249Z","times_seen":128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=b0f909c3ec791c383210","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"81f491adccda86aaf56a1ce68fa59b87","sha1":"c27ca491887c7fdad5a3ca67592173427cc861af","sha256":"efc3dac74026580ee6b527716e2e63ba29f2116a90d4a47a691438b9a2b86c2f","sha512":"809037c160df1990ac458f977252a4cb2629c748f1a8133240c9d2897b14ad58d2407d822fea9c61efeb19af1e72dc16b29c09c917dca024f4145f1977d1ff57","ssdeep":"","tlshash":"24610234306576b1aefe5ad8f3148428a3148581640b78717e1cb9ee58eef5391f0bea","size":3401,"data":"","first_seen":"2025-12-03T01:51:42.331168Z","last_seen":"2026-05-30T10:45:23.898131Z","times_seen":11174,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/wp-includes/js/wp-emoji-loader.min.js","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"676f27b5a9e56f118bf3e8feb3dda459","sha1":"819f1a25901c881a6a52595a16af20731496b14f","sha256":"a46b08af47b0a3ca3c33dfa97787b4888673cc0201ff4d98d00bb2e8f752b763","sha512":"4e8511f7c9de3b85bfedef1d21731e5ab77bf8d71d2f7a84034e03071ab47f5bf27bfc30c2a33d2be175006d47a9dc7cc526f987088c1a6e032991097c4df4ca","ssdeep":"","tlshash":"f161869ae77638dfb2f900f2697a0d47eb614435d6c8d438c9bea3141cb5893c274a46","size":3313,"data":"","first_seen":"2026-03-15T12:44:57.227026Z","last_seen":"2026-03-15T12:56:41.79357Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=66c613f68580994bb00a","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"4dc1083fadc3146eef9e178a635322d7","sha1":"4e30da47cbbd6c3b4bc243ef9196fdb54b8a5648","sha256":"222102c59fbeb8df4f97e143c264d83d794d74a6123486b03b9ecf32a5471918","sha512":"aa096ebe4c95e43225ee1f09450521632db53c9cd732d01e1492747a1f45cb0254cc2a443cd1f024314c86fa0eec441f20ae33c5ef4a55d6cb95bcb7b84d3384","ssdeep":"768:HeW4693pQRsx45G/0vTVhtFiBa7jJEbYlrEdORuHhYlxuQLSZEXdYqAOmp9mI66f:HeQ93u6/0vxh17thuhyQpgFbonUWqeou","tlshash":"bc03c7a4b065f03047e614a6907b051bf3356618344fc0e0f769e8ea78b919f6567f3e","size":41194,"data":"","first_seen":"2026-02-04T02:31:53.531475Z","last_seen":"2026-05-30T10:45:23.8449Z","times_seen":5153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"kahchejs.com/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=b0f909c3ec791c383210","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kahchejs.com/","date":"2026-03-15T12:44:32.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kahchejs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 14:37:22 GMT","end":"Thu, 11 Jun 2026 14:37:21 GMT"},"fingerprint":{"sha1":"2F:CC:B9:B8:86:C5:F6:09:3E:0A:FC:B6:97:F3:B4:C8:E1:B8:04:6C","sha256":"DE:2B:18:1A:25:18:A8:42:F1:8E:6E:5B:F2:51:9E:68:2E:BB:22:70:A6:7E:6E:96:73:58:42:78:56:86:23:D7"}}},"request":{"raw":"GET /wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=b0f909c3ec791c383210 HTTP/1.1\r\nHost: kahchejs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kahchejs.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Sun, 15 Mar 2026 12:44:32 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Fri, 13 Mar 2026 15:35:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69b42eac-d49\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3401,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (3401), with no line terminators","md5":"81f491adccda86aaf56a1ce68fa59b87","sha1":"c27ca491887c7fdad5a3ca67592173427cc861af","sha256":"efc3dac74026580ee6b527716e2e63ba29f2116a90d4a47a691438b9a2b86c2f","sha512":"809037c160df1990ac458f977252a4cb2629c748f1a8133240c9d2897b14ad58d2407d822fea9c61efeb19af1e72dc16b29c09c917dca024f4145f1977d1ff57","ssdeep":"","tlshash":"24610234306576b1aefe5ad8f3148428a3148581640b78717e1cb9ee58eef5391f0bea","first_seen":"2025-12-03T01:51:42.331168Z","last_seen":"2026-05-30T10:45:23.898131Z","times_seen":11174,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-15","alert":"Phishing Block","trigger":"kahchejs.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"kahchejs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/wp-content/themes/twentytwentyfive/assets/fonts/manrope/Manrope-VariableFont_wght.woff2","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kahchejs.com/","date":"2026-03-15T12:44:32.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kahchejs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 14:37:22 GMT","end":"Thu, 11 Jun 2026 14:37:21 GMT"},"fingerprint":{"sha1":"2F:CC:B9:B8:86:C5:F6:09:3E:0A:FC:B6:97:F3:B4:C8:E1:B8:04:6C","sha256":"DE:2B:18:1A:25:18:A8:42:F1:8E:6E:5B:F2:51:9E:68:2E:BB:22:70:A6:7E:6E:96:73:58:42:78:56:86:23:D7"}}},"request":{"raw":"GET /wp-content/themes/twentytwentyfive/assets/fonts/manrope/Manrope-VariableFont_wght.woff2 HTTP/1.1\r\nHost: kahchejs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kahchejs.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Sun, 15 Mar 2026 12:44:32 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 53600\r\nLast-Modified: Fri, 13 Mar 2026 15:35:08 GMT\r\nConnection: keep-alive\r\nETag: \"69b42eac-d160\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53600,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 53600, version 1.0","md5":"a8ebc7eb54efacfda66d0a2531058ecd","sha1":"5b56dbe3d3eabe178719988f4fee76d9d4ad7079","sha256":"ce340d48531930f3f2c8b7c47d149f82c9f4413548dd216e0f4d9af94a87c374","sha512":"bde7ef9fa476ae2bf7220afadc1285dec21f1a51718f3633a82cd4d08ac0adafd02acf01db82b3c263ab8a87e2cb18a03830f302d664f4441629ec24678bf2ac","ssdeep":"1536:GcCtX6JRTj6XLzm1OSRKt9Vo3IGC9pT/UTQ+z/y:qX6DWXPmwSRIVPGC9pTREy","tlshash":"203302d1f44038206c75e3fbddecfb9434ea81aaf53945d384a658bc0f8056addb0264","first_seen":"2023-11-30T06:19:19Z","last_seen":"2026-05-30T11:19:46.074271Z","times_seen":8857,"resource_available":false,"data":null}},"time_used":995,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":662,"receive":333,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"kahchejs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-15","alert":"Phishing Block","trigger":"kahchejs.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=66c613f68580994bb00a","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kahchejs.com/","date":"2026-03-15T12:44:32.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kahchejs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 14:37:22 GMT","end":"Thu, 11 Jun 2026 14:37:21 GMT"},"fingerprint":{"sha1":"2F:CC:B9:B8:86:C5:F6:09:3E:0A:FC:B6:97:F3:B4:C8:E1:B8:04:6C","sha256":"DE:2B:18:1A:25:18:A8:42:F1:8E:6E:5B:F2:51:9E:68:2E:BB:22:70:A6:7E:6E:96:73:58:42:78:56:86:23:D7"}}},"request":{"raw":"GET /wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=66c613f68580994bb00a HTTP/1.1\r\nHost: kahchejs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kahchejs.com/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=b0f909c3ec791c383210\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Sun, 15 Mar 2026 12:44:32 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Fri, 13 Mar 2026 15:35:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69b42eac-a0ea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41194,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (41194), with no line terminators","md5":"4dc1083fadc3146eef9e178a635322d7","sha1":"4e30da47cbbd6c3b4bc243ef9196fdb54b8a5648","sha256":"222102c59fbeb8df4f97e143c264d83d794d74a6123486b03b9ecf32a5471918","sha512":"aa096ebe4c95e43225ee1f09450521632db53c9cd732d01e1492747a1f45cb0254cc2a443cd1f024314c86fa0eec441f20ae33c5ef4a55d6cb95bcb7b84d3384","ssdeep":"768:HeW4693pQRsx45G/0vTVhtFiBa7jJEbYlrEdORuHhYlxuQLSZEXdYqAOmp9mI66f:HeQ93u6/0vxh17thuhyQpgFbonUWqeou","tlshash":"bc03c7a4b065f03047e614a6907b051bf3356618344fc0e0f769e8ea78b919f6567f3e","first_seen":"2026-02-04T02:31:53.531475Z","last_seen":"2026-05-30T10:45:23.8449Z","times_seen":5153,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":330,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-15","alert":"Phishing Block","trigger":"kahchejs.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"kahchejs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kahchejs.com/","date":"2026-03-15T12:44:32.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kahchejs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 14:37:22 GMT","end":"Thu, 11 Jun 2026 14:37:21 GMT"},"fingerprint":{"sha1":"2F:CC:B9:B8:86:C5:F6:09:3E:0A:FC:B6:97:F3:B4:C8:E1:B8:04:6C","sha256":"DE:2B:18:1A:25:18:A8:42:F1:8E:6E:5B:F2:51:9E:68:2E:BB:22:70:A6:7E:6E:96:73:58:42:78:56:86:23:D7"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.9.4 HTTP/1.1\r\nHost: kahchejs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kahchejs.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Sun, 15 Mar 2026 12:44:32 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Fri, 13 Mar 2026 15:35:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69b42eac-58ea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-05-30T12:02:23.58718Z","times_seen":249456,"resource_available":true,"data":null}},"time_used":339,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":338,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-15","alert":"Phishing Block","trigger":"kahchejs.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"kahchejs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/favicon.ico","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kahchejs.com/","date":"2026-03-15T12:44:33.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kahchejs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 14:37:22 GMT","end":"Thu, 11 Jun 2026 14:37:21 GMT"},"fingerprint":{"sha1":"2F:CC:B9:B8:86:C5:F6:09:3E:0A:FC:B6:97:F3:B4:C8:E1:B8:04:6C","sha256":"DE:2B:18:1A:25:18:A8:42:F1:8E:6E:5B:F2:51:9E:68:2E:BB:22:70:A6:7E:6E:96:73:58:42:78:56:86:23:D7"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: kahchejs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kahchejs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Sun, 15 Mar 2026 12:44:33 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 275\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":275,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4f3d67ff5dbe5e2fa0644ffd897bfa46","sha1":"c68fa7e3801a242876bf0ef2935f2369afa4b53d","sha256":"3d75a60870dfaf6b03c796f33ee99d864b504c9b0fee9654b78be6af02de7939","sha512":"aecea07058f04db34428fb64217a6aff06831517c0f33fd9bc035d270f5f2b00d168546473d3948e1fe72c9b1c4a0787daa189bdf010ee5ab87b8876546ee9ea","ssdeep":"","tlshash":"ecd02b9e5043638f481215503ac125c2268d12e6b47ac6e82d86d887529863ecddaadd","first_seen":"2026-03-15T12:44:57.219389Z","last_seen":"2026-03-15T12:56:41.790572Z","times_seen":2,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":3,"dns":0,"connect":340,"send":0,"wait":334,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"kahchejs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-15","alert":"Phishing Block","trigger":"kahchejs.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kahchejs.com/","fqdn":"kahchejs.com","domain":"kahchejs.com","tld":"com"},"ip":{"addr":"167.172.79.94","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-15T12:44:30.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kahchejs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 14:37:22 GMT","end":"Thu, 11 Jun 2026 14:37:21 GMT"},"fingerprint":{"sha1":"2F:CC:B9:B8:86:C5:F6:09:3E:0A:FC:B6:97:F3:B4:C8:E1:B8:04:6C","sha256":"DE:2B:18:1A:25:18:A8:42:F1:8E:6E:5B:F2:51:9E:68:2E:BB:22:70:A6:7E:6E:96:73:58:42:78:56:86:23:D7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kahchejs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Sun, 15 Mar 2026 12:44:31 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 12099\r\nConnection: keep-alive\r\nLink: \u003chttps://kahchejs.com/index.php/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":65958,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (16879)","md5":"1504c8a56a083a3566649b0272f9f647","sha1":"6df3966bafef431732fe33378d21c15d3561dcf5","sha256":"f7e001f3e588aa0831f9b12672ff45b4c7570700b828723feafe9a0c4cf46add","sha512":"1f94540a00b06767d0df51fb61090d5a77cc816f965ce6333af6fb0af9e5775469ff140c693b85ca56e7b085ec10aecad44d48801c4d5b9800e22da32d3d104b","ssdeep":"1536:OG6clkL5ypez1nT8fdGZMp64wvSAIXuTVjmwvC0R:OG6clkL0pdGZMp64wvSAIeTVjmwvC0R","tlshash":"0d5396a157b448f5797f833b5e44a2189527e902ca0977e1f0f3d294758cea60ae3b0f","first_seen":"2026-03-15T12:44:57.221428Z","last_seen":"2026-03-15T12:56:41.784332Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2128,"timings":{"blocked":725,"dns":37,"connect":337,"send":0,"wait":677,"receive":1,"ssl":345},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"kahchejs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-15","alert":"Phishing Block","trigger":"kahchejs.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}