{"report_id":"33be7618-dca5-4b41-9d6a-f2dab963551f","version":6,"status":"done","tags":[],"date":"2026-03-31T13:56:29Z","url":{"schema":"http","addr":"kg365p.com","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"kg365p.com/#/","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"title":"bet365","dom":{"size":84631,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (44850)","md5":"73493a6e1155a323dac752453b9ac457","sha1":"321b8397f67c9e525216a9227e316cc2767c6a1b","sha256":"a321984cb028d7f38ccd7d57329bffff95f27d80b3c28791d0eb54158f7c4fb2","sha512":"38d26e0395be53bbbed64fccf0cc6ccbe3d9a099e46b0238ad51ca1d08305e9586a50028e9889af6ab223a2723989fbc867f2f3f6cc21991c5327a1c6f9712af","ssdeep":"1536:n21rwU1BAUkIDL39yK5hrFem0LTFnl1SOX7tlf8:n2BwU1BAUkIDL39yK5hrFem0LTtlV8","tlshash":"0a830fa64890224990334a55cbdc8f68577dc767a8724cdf335a384fcb85bee239e217","dom_hash":"domhash0a1a743a89b76dcf4f1613799068f77d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kg365p.com","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-05T13:56:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":24,"urlquery":0,"analyzer":6}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37558,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.686892+0000\",\"flow_id\":1999985117114806,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37558,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":943,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.143798+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37530,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.689236+0000\",\"flow_id\":1193403143827709,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37530,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.143613+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37574,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.693594+0000\",\"flow_id\":590381145535062,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37574,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":943,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.143958+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37524,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.708085+0000\",\"flow_id\":1904838706606131,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37524,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.143411+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37544,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.713666+0000\",\"flow_id\":1477012719284574,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37544,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.143710+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37572,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.720731+0000\",\"flow_id\":174808699908616,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37572,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.143880+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37618,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.940474+0000\",\"flow_id\":1364342842197854,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37618,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.395102+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37588,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.946079+0000\",\"flow_id\":354613210777262,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37588,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":943,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.394926+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37604,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.952913+0000\",\"flow_id\":96326762497800,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37604,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":943,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.395016+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37628,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.957587+0000\",\"flow_id\":832999553107980,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37628,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":943,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.395276+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37582,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.968969+0000\",\"flow_id\":618139519157766,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37582,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.394758+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:06Z","timestamp":1774965366,"ip_dst":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":37626,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:06.973216+0000\",\"flow_id\":1866729461778349,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":37626,\"dest_ip\":\"47.79.65.228\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"365huodongtu.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":943,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.395181+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48596,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.233335+0000\",\"flow_id\":1429785258921986,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48596,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.692226+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48600,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.255333+0000\",\"flow_id\":536956047364180,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48600,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":937,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.692308+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48614,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.262629+0000\",\"flow_id\":235487997890760,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48614,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":937,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.692424+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48580,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.274361+0000\",\"flow_id\":777641719664544,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48580,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":937,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.692128+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48566,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.281707+0000\",\"flow_id\":1468654712950594,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48566,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":937,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48554,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.290471+0000\",\"flow_id\":1054400822283975,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48554,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":937,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.691911+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48626,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.474480+0000\",\"flow_id\":1263209247302517,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48626,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":937,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.942965+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48666,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.492512+0000\",\"flow_id\":504657893287025,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48666,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":2,\"bytes_toserver\":789,\"bytes_toclient\":1588,\"start\":\"2026-03-31T13:56:06.943217+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48682,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.488437+0000\",\"flow_id\":1255362342053069,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48682,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":937,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.943309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48624,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.506251+0000\",\"flow_id\":1303783803347729,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48624,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":4682,\"start\":\"2026-03-31T13:56:06.942865+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48654,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.515455+0000\",\"flow_id\":1781573145224222,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48654,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":937,\"bytes_toclient\":1654,\"start\":\"2026-03-31T13:56:06.943134+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-31T13:56:07Z","timestamp":1774965367,"ip_dst":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48638,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-31T13:56:07.532611+0000\",\"flow_id\":581022411809731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.24\",\"src_port\":48638,\"dest_ip\":\"47.79.65.168\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"768tup.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":937,\"bytes_toclient\":6105,\"start\":\"2026-03-31T13:56:06.943043+0000\"}}"}],"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"768tup.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":4111567,"first_seen":"2025-06-22T10:55:18.203925Z","last_seen":"2026-03-26T01:58:37.821846Z","alert_count":0,"request_count":6,"received_data":1427927,"sent_data":2750,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"ssl.captcha.qq.com","ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"domain_registered":"1995-05-04","domain_rank":744414,"first_seen":"2012-11-03T19:41:33Z","last_seen":"2026-03-27T02:20:16.647776Z","alert_count":0,"request_count":1,"received_data":99926,"sent_data":413,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"ipwho.is","ip":{"addr":"104.20.44.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-29","domain_rank":18239,"first_seen":"2020-06-08T11:52:47Z","last_seen":"2026-03-28T03:44:20.863322Z","alert_count":0,"request_count":1,"received_data":315,"sent_data":416,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"j-raw.imglok412nt.com","ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-03-15","domain_rank":0,"first_seen":"2025-09-09T01:49:50.226212Z","last_seen":"2026-03-31T02:30:11.993929Z","alert_count":0,"request_count":2,"received_data":1446897,"sent_data":967,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kg365p.com","ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-03-13","domain_rank":0,"first_seen":"2026-03-31T02:34:11.221852Z","last_seen":"2026-03-31T02:34:11.221852Z","alert_count":504,"request_count":84,"received_data":4896981,"sent_data":81483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Tencent Waterproof Wall","description":"","website":"https://007.qq.com/","common_platform_enumeration":"","icon":"TencentWaterproofWall.png","categories":["Hosting panels","Security"]}]},{"fqdn":"cstaticdun.126.net","ip":{"addr":"47.246.50.196","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"France","country_code":"FR"},"domain_registered":"1998-02-28","domain_rank":474446,"first_seen":"2017-06-21T07:31:41Z","last_seen":"2026-03-27T04:49:16.383385Z","alert_count":0,"request_count":1,"received_data":37112,"sent_data":428,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-10-16T06:49:50.521498Z","last_seen":"2026-03-31T02:30:12.013246Z","alert_count":0,"request_count":13,"received_data":9406996,"sent_data":6048,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kg365p.com/static/js/main.46f28393.js?1774781116531","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"639de83c608f63e4e0f1525422555200","sha1":"f7fdd817cfb30578b896736d42e08b10fa50349c","sha256":"609817227ffe41be87e49cfddb1bed726f638a5bd4067ae846aba2dcdd7f9689","sha512":"6ad8f5d3c951a17f4ef8306ee71ebe7e6a8167f804d2f0e91d4d1db378957b2f4715cc744fc1b580e00e4b392533fefe8b7e477519a0e2d8d9721394b048cae6","ssdeep":"3072:9F38e5PqusfA774In/jKFhxi00VBYmK7wbEn6TrhaeTpDaDq:IFe00Mmc3nc6q","tlshash":"f5a4e849b141b8ab03f3a17a802f1559f2b52895a54c8c50f368cde7f9f6558a32ff38","size":466093,"data":"","first_seen":"2026-03-31T02:30:20.407006Z","last_seen":"2026-03-31T13:56:43.594562Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/js/5.2f93cbb3.chunk.js?1774781116531","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1afdb233975f343be77426bb8829a5bf","sha1":"e026a836bf827ec9c3e3139093477d9ffae2c0c4","sha256":"c8610e0bde83ebd34201e88c98f07352fc0259aaa83e2141434df5168903c3ae","sha512":"821a91a1ca4f58f610c0ed9242c6971f292206d1fab3fcfcfb3512c9301d230d21d74091006a72c2c204372c88474f11212824c5ac5a2616d896bcfe77e90688","ssdeep":"1536:SAorRQUIkMAwAFNwU1BAUkIDL39yK5hrFem0LTa:SA0AWPwU1BAUkIDL39yK5hrFem0LTa","tlshash":"9fb3749658a0214990330956cbdc4f68973cc75768724cee3366ac8fcb55bed23ae723","size":107470,"data":"","first_seen":"2026-03-31T02:30:20.40786Z","last_seen":"2026-04-02T04:04:02.218243Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/js/manifest.1eebaf28.js?1774781116531","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7dce38f8f25e921d1a06aacf2b28600d","sha1":"aa4128182ad7dc97ef4c5bc9d6f07ab1a10ce7ae","sha256":"9e238791acfde505e312b9ccb1b6276b4f0fcc1032e4f19e2490b5ac991790eb","sha512":"df7b2a6a5f04d736ec92fa9d1cb1cb1a846f63ca45871d942b6b428c74a4fb1ebaf97b4be14b1c8b7809560f2e9c8128b8338a3cc339af5a69d487907fc5129a","ssdeep":"","tlshash":"2341c6de77a1b9c623f65854062f6178e27c3e162d7ddc64d38dd2693c34c849222ae2","size":1999,"data":"","first_seen":"2026-03-31T02:30:20.352016Z","last_seen":"2026-03-31T13:56:43.653743Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cstaticdun.126.net/load.min.js?t=202007291602","fqdn":"cstaticdun.126.net","domain":"126.net","tld":"net"},"ip":{"addr":"47.246.50.196","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"cb8efb99a8950ca6b13f38274938882c","sha1":"8ab6335d260069ded73009a539c3bc91404791de","sha256":"2f55203b6eac5a5edbefc7225557ba6bf8f4d869c67525d11d10719a8becd3d5","sha512":"0d60f0db0dc4f5ef4ea8baf1d18d44d20313d436f84d3033453828fbbe856b673a442085290ebaa5627ded58cee3d35a8a5560bd860cf7697330c769bb99275a","ssdeep":"768:9KHK1+h00zI0RAcKvErsQsLiz0I+/QtzfS5+8hfgVCMiE:9ChrsQa6tjS5D5gEE","tlshash":"2ef2d68cb690f4bb4ba76070813f920be13b5614b499c0e4b155e5e4adbd8ce5627f3c","size":36116,"data":"","first_seen":"2026-03-25T12:02:18.210304Z","last_seen":"2026-04-07T04:14:17.678192Z","times_seen":495,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssl.captcha.qq.com/TCaptcha.js","fqdn":"ssl.captcha.qq.com","domain":"qq.com","tld":"com"},"ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"6dc4ca9f1efbcb232c925de44d25b502","sha1":"2bb440e7908c7b4db175075685bad4dc0de328e7","sha256":"d4178c894f1d24b0b69d3d66b42204be3d63e199d25e39b2a53fa416b8c89f8f","sha512":"365ae8c212d95d919b1f141b273e2a24d2c321c9e243434d5ecb3560498201eeb4fda1938fe4153eb1d3802989c4396a75f084d907b45baacdfe0c9d5760db2c","ssdeep":"1536:TZB+ZYK9BnHl7xTYeu24ozqA7R/hISgScvEPhZOWmBW/MNfH4OYsgP+3UKq+0XYy:DwxTYeu24ozqA9/hISgSGOOpBW/wYDth","tlshash":"cba318deb3f1762d05ab6194cc3b9d8e64374c50c018f1b5cfb98687b628589921bf3a","size":99680,"data":"","first_seen":"2026-03-31T07:53:15.76128Z","last_seen":"2026-04-06T15:33:40.954277Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/js/vendor.12c75c43.js?1774781116531","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a21dba9b92d9c15a12d20a3a1b38ae09","sha1":"8256701ce2055b8c240df7b8391a16f8010289a8","sha256":"9553b8fa6cf2e91f500bdafd3571b2de7168d518c931b45edc78d9f309d9d034","sha512":"09b80545e6b136495fed95f1eb916119c7818d8e8a23c4ce6fa4569b4384437069c3adaffcb2c1fb344348bf482f5bbf32d8226770471f1d8bc678c5bbe3fa6b","ssdeep":"6144:m3MA4xIRhzVPMHF86h+eDnaMcUY+lo89R36RmKew5vdCq+lSrr8g01FE4:4MC6ni29R3I5vdCq+gKo4","tlshash":"41f4f7c9b692f0a543e760f5402f150bf23aa919740e85a4f251e8e5bcbc89e513bf7c","size":774677,"data":"","first_seen":"2026-03-31T02:30:20.369435Z","last_seen":"2026-04-05T07:25:07.19423Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_VG.7e39f921.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_VG.7e39f921.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-5ea\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1514,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"7e39f92168d2f7863629b6120f794ceb","sha1":"de5b1286b8e9317834e927a0ddd22f39802c3f50","sha256":"fb4c59e66a2960c5d3dd9f14787cae93fd1b692da4ffb9dab472c035a131d188","sha512":"89e1ae156a55caeaf1fda26531053c30ee79f4cc78218f3c09c129ce2d79286f6f4e64b10db8b9781727bd406785ca3008617397b86419e0f413e98a1c9626f3","ssdeep":"","tlshash":"cb311cd4f12f1133ec4cb2c9bd1c9155c7b59647c8369d77bd68901005f119b648c2b3","first_seen":"2023-05-06T10:37:05Z","last_seen":"2026-04-06T20:15:07.646013Z","times_seen":2286,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cstaticdun.126.net/load.min.js?t=202007291602","fqdn":"cstaticdun.126.net","domain":"126.net","tld":"net"},"ip":{"addr":"47.246.50.196","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:03.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.126.net","organization":"NetEase (Hangzhou) Network Co., Ltd"},"issuer":{"commonName":"GeoTrust G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 24 Nov 2025 00:00:00 GMT","end":"Wed, 23 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:DA:FF:25:CA:C1:B3:2A:07:EC:89:18:8B:11:75:86:A2:1C:76:1B","sha256":"90:30:8B:08:91:13:6D:6B:5C:CF:09:D3:67:EB:12:8E:34:F1:0D:37:08:1E:95:E3:D2:CE:B7:41:B4:A1:DA:E1"}}},"request":{"raw":"GET /load.min.js?t=202007291602 HTTP/1.1\r\nHost: cstaticdun.126.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: application/javascript\r\nContent-Length: 14400\r\nConnection: keep-alive\r\nDate: Tue, 31 Mar 2026 10:51:34 GMT\r\nTiming-Allow-Origin: *\r\nCache-Control: max-age=43200\r\nExpires: Fri, 27 Mar 2026 22:56:34 GMT\r\nVia: ens-cache22.l2nu20-20[0,0,304-0,H], ens-cache65.l2nu20-20[1,0], ens-cache6.l2hk11[0,0,304-0,H], ens-cache11.l2hk11[1,0], ens-cache24.l2de4[0,0,304-0,H], ens-cache39.l2de4[1,0], ens-cache6.fr4[0,0,200-0,H], ens-cache2.fr4[4,0]\r\nVary: Accept-Encoding\r\nLast-Modified: Wed, 25 Mar 2026 01:57:18 GMT\r\nContent-Encoding: gzip\r\nAge: 11069\r\nAli-Swift-Global-Savetime: 1774954294\r\nX-Cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nX-Swift-SaveTime: Tue, 31 Mar 2026 10:51:34 GMT\r\nX-Swift-CacheTime: 43200\r\ncdn-user-ip: 91.90.42.154\r\nAccess-Control-Expose-Headers: *\r\nAccess-Control-Allow-Methods: GET,POST,OPTIONS,HEAD\r\nAccess-Control-Allow-Origin: *\r\ncdn-source: ali\r\nAccess-Control-Allow-Headers: *\r\ncdn-ip: 47.246.50.196\r\nEagleId: 2ff6329617749653637686664e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":36116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32007)","md5":"cb8efb99a8950ca6b13f38274938882c","sha1":"8ab6335d260069ded73009a539c3bc91404791de","sha256":"2f55203b6eac5a5edbefc7225557ba6bf8f4d869c67525d11d10719a8becd3d5","sha512":"0d60f0db0dc4f5ef4ea8baf1d18d44d20313d436f84d3033453828fbbe856b673a442085290ebaa5627ded58cee3d35a8a5560bd860cf7697330c769bb99275a","ssdeep":"768:9KHK1+h00zI0RAcKvErsQsLiz0I+/QtzfS5+8hfgVCMiE:9ChrsQa6tjS5D5gEE","tlshash":"2ef2d68cb690f4bb4ba76070813f920be13b5614b499c0e4b155e5e4adbd8ce5627f3c","first_seen":"2026-03-25T12:02:18.210304Z","last_seen":"2026-04-07T04:14:17.678192Z","times_seen":495,"resource_available":true,"data":null}},"time_used":1552,"timings":{"blocked":756,"dns":314,"connect":26,"send":0,"wait":33,"receive":1,"ssl":419},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/indPhone.e95107e9.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/indPhone.e95107e9.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-9b22a\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":635434,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 670 x 697, 8-bit/color RGBA, non-interlaced","md5":"e95107e97428da9ee99ae8aec414a351","sha1":"ffe8c88ece3b7eeeadc9f0d59963330c6fac3a17","sha256":"75983f54c8be386a0f29b3470cc4fb8b3278be102041eb42b0dda949f9dbe910","sha512":"e8c83c1eb9bf02eee8ca917ed83fb3211bd558cff26f3ee34476d251af5e52ace8d072c17504af875660b1da2098b753aac54c8cd0ddafa6470643fed48eee1c","ssdeep":"12288:K0iCDDDbAPNOWtHVOUDC8J1bqrenf68kq1ucAIlyKvpAWBm3igZx3NNkXJxN:K0iCDn0coOr8rbvnY8AYzhNBYiydNqJr","tlshash":"28d4233a3278f07cb744a4a5bdbe66d563882e3206779ab8818e453051a37d583d37f3","first_seen":"2025-04-05T11:33:17.294391Z","last_seen":"2026-03-31T13:56:43.655715Z","times_seen":23,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/gonggao/2026shijiebeiPC.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /gonggao/2026shijiebeiPC.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 511582\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2771F197836306B748E\r\nAccept-Ranges: bytes\r\nETag: \"F312A13B85CB8B1CDEE806ACA38612FD\"\r\nLast-Modified: Sun, 16 Nov 2025 15:17:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15503658930770449482\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 8xKhO4XLixze6Aaso4YS/Q==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":511582,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 848 x 520, 8-bit/color RGBA, non-interlaced","md5":"f312a13b85cb8b1cdee806aca38612fd","sha1":"0941fd4076662bdfeed8309765b05410270f659f","sha256":"91100c428967b4792a18c0c8d9d1532e6fc413d2727d73928478b87cb2143224","sha512":"dcbd3666bc22568b73fcc6d2e2176365e3a456d8cef9e4935b2ec05a13f0e79a1a71a9077c4c4f50f60ecfaecabef0b37f5abbae0b971d29e42805fb67c5ed67","ssdeep":"12288:8LcGk9DVZ8l8zw4j76CC3gxd3KRhdOs348PdLq:2cglx4j7W3C3KRhdOsImLq","tlshash":"46b42326ffcb74d85e43044cea4b4d8c48852626518efdda83e96931a79c3d8b36e423","first_seen":"2025-12-20T15:15:27.514087Z","last_seen":"2026-03-31T13:56:43.599534Z","times_seen":11,"resource_available":false,"data":null}},"time_used":2951,"timings":{"blocked":850,"dns":38,"connect":270,"send":0,"wait":279,"receive":968,"ssl":544},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/lunbo/dzpc.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /lunbo/dzpc.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 869649\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD277CD9B34353242F8EC\r\nAccept-Ranges: bytes\r\nETag: \"424B69A24EE02203902BDF90CA153F04\"\r\nLast-Modified: Wed, 16 Jul 2025 16:48:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15325742906864616141\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Qktpok7gIgOQK9+QyhU/BA==\r\nx-oss-server-time: 7\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":869649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 400, 8-bit/color RGBA, non-interlaced","md5":"424b69a24ee02203902bdf90ca153f04","sha1":"3d594a232e25d2b4889a7b8cdb5efb656647d4da","sha256":"bd08f89da5cd981c32333d8abe86a572ebc48c036229aa2d5bbe418d7da78269","sha512":"72e5469a9310254b5fdf3a9e862409c86291adadc908245118dd8b8201b0a673114896fc34ca4c4431bbbd8a07fd20536b0a43fe674a3dbf904691486f1f7123","ssdeep":"24576:cmiQ6tkXX8PrqPXF+ai4UJTtKqaMsfUTW3GIo9dLq:ni6g6ka7UJxKqadfXq9dLq","tlshash":"630533bebca52799b8c919e5355708f8236d1eccaec0727ad4086368dbc545c09e7f2c","first_seen":"2025-10-16T06:50:04.942626Z","last_seen":"2026-03-31T13:56:43.60038Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2994,"timings":{"blocked":820,"dns":0,"connect":0,"send":0,"wait":298,"receive":1306,"ssl":570},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/pic9.df0a779c.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/pic9.df0a779c.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-3e11\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15889,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 182 x 204, 8-bit colormap, non-interlaced","md5":"df0a779cf1df9139066be3752fb67b26","sha1":"4560787883ebd57f2d980c3e9eba2bf74b96d400","sha256":"38d9b09843320cec3831174e313fb8d1bb518b24db8b20267971b3e2f0b8a450","sha512":"38ae7f663ee92c9048eb426c11d06eebc1c79cfa60c9389b5aeba2ba0bf9083109ad154a705124bd62ffd494ce638623a2aef6cbade1f523ec8c55095320e0cf","ssdeep":"384:FGW+j2X7ooWebQcBYeMQItJ4BylvqLyg0ZZi:FGXj2rooWebQ4YaIt+FNgi","tlshash":"5d62d1cbd4302c624fec9829ce9e1c1d97216a8a4771dd859d1c9cef3e738780ac652a","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.968499Z","times_seen":1758,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/pic10.10094928.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/pic10.10094928.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-4413\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17427,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 222 x 200, 8-bit colormap, non-interlaced","md5":"100949282847c89b9604688c11876685","sha1":"a74fa5405c636528575a8e61aeeee47358e4434d","sha256":"1ba829cb28aadd961c017747cb438635dd1cd96f850bf5ae1f0ac5d31c4169d9","sha512":"32f22e68e09db704992f7124e499e653f806c52a0c3482264c29e06e9e411e558536f7caea5daeec295a5626bce6cabc33c71f967e222cbbbcdd7f1868564c17","ssdeep":"384:M52iOiaR/r8Q09SW92LsM6sH/6aNEdXJRnY+FOPt0zWl4ItC:M52i4R/rYG6sfg8+gl4d","tlshash":"1872c09593afa6f34e1cdc3785fc07d0e82fe54afd2a8e0c9d13aa65968c66166011d0","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:49:03.501225Z","times_seen":2090,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/Video.c8cf615c.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/Video.c8cf615c.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-ab2\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 118 x 53, 8-bit/color RGBA, non-interlaced","md5":"c8cf615c5c1588158a7552dc18393cfe","sha1":"ab40bd3620f6c0fbb0b76ef68844c481d4f7011c","sha256":"2ad432aad38dac62b0cba9f117c30bcc60359c7ab3f417bdff3b483accf569a5","sha512":"206971a6108f705e0c28628b4349d82e31279ad704a667d3d1e498a03b0883257a289e3d1d7412a9b4772ec6cc69066cfd54bb0dc4bd9a405607ac85ab1de8e3","ssdeep":"","tlshash":"48512b455b642edcdbcb876f2ae6ea32701c810effca65507ac424421ade7c10911b9b","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-05T11:16:30.244891Z","times_seen":1091,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/gonggao/chhkgonggao-PC.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /gonggao/chhkgonggao-PC.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 828321\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2785D88673836DF8C7C\r\nAccept-Ranges: bytes\r\nETag: \"912BDCF5409D7D4D1513760B462F7C7D\"\r\nLast-Modified: Mon, 16 Mar 2026 15:58:06 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14470988823402481134\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: kSvc9UCdfU0VE3YLRi98fQ==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":828321,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 820 x 520, 8-bit/color RGBA, non-interlaced","md5":"912bdcf5409d7d4d1513760b462f7c7d","sha1":"07c38a18889499221ded97837d3f112802973a6d","sha256":"812367790cc1e86d6b40aba985de1490e1fbd41c9bbd7fb9cea33b65d0b11409","sha512":"3c0b02ca797484ec9cde25cd561a296d4c37d3083a0082e4fa51dcfa50994a0dd32bdecc1b3c295f2a91e937b5aa614dee5bc1bdbb9302b3881f3efd008eb977","ssdeep":"12288:5hUozhdEhiHTZV3KFkA2UZR0CWxAClqjevXMJEO3pfPtiS0LLcTloJ+V8Mw54sOD:BEEHtV3K9BMCWEivc/3pPULLcpoJ/1Ap","tlshash":"8c053310a7341893a14ea1c0f5a73b47aaf87653c29173950810def8b512f8abdbf7d9","first_seen":"2026-03-31T02:30:20.348512Z","last_seen":"2026-03-31T13:56:43.603078Z","times_seen":10,"resource_available":false,"data":null}},"time_used":2924,"timings":{"blocked":2402,"dns":0,"connect":0,"send":0,"wait":277,"receive":245,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"768tup.oss-cn-hongkong.aliyuncs.com/huodongtu/SJCZ.png","fqdn":"768tup.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /huodongtu/SJCZ.png HTTP/1.1\r\nHost: 768tup.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 248514\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD277BCB28E3235D6E39A\r\nAccept-Ranges: bytes\r\nETag: \"BA65DFACD8F7875A220495C54A884288\"\r\nLast-Modified: Sat, 25 Oct 2025 10:41:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9271170257091462371\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: umXfrNj3h1oiBJXFSohCiA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":248514,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced","md5":"ba65dfacd8f7875a220495c54a884288","sha1":"e283417ef851f24a5371e8e4e5711a3409bdda97","sha256":"33aa08f915175f734a72f0777917bf788cd723d57551263c9b8208f6e825fe3b","sha512":"3a8aadc2f480c0231788dd7b6274c3530aaeb6bd0f78f5460b3612e85f9b072bad4ae2e55947fbd0cf5d30ee2ae7e7844eaa59868283f0960c64cd908d36403e","ssdeep":"6144:z53naAQeEECxfmiNCWdk+jlhTibnM1snxhi9Oy7l/s4p:ZnPQBRm4C+mnLnTvy7l5","tlshash":"453423547676dc3b97e9b8ea5233091e3f2a2464b4b83152047af1a7f70ca0013dbed9","first_seen":"2025-04-25T07:12:35.795303Z","last_seen":"2026-04-05T07:25:07.109926Z","times_seen":26,"resource_available":false,"data":null}},"time_used":1985,"timings":{"blocked":-1,"dns":50,"connect":292,"send":0,"wait":302,"receive":748,"ssl":592},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/game4.a61ff3e0.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/game4.a61ff3e0.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-5ec9\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24265,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 279 x 204, 8-bit colormap, non-interlaced","md5":"a61ff3e07ed89e69d7ec3f7ebf95a1ca","sha1":"dd3ad19d714990595454f546254173ec55103a7a","sha256":"61ad07fac6d060b6afbe6d37acd935f75e1433ecba9cab2770df14894a44af34","sha512":"671b6be5bfdb9c1f5bbb7f8b61d17a385267a46943058f38b05979741e629bf16ec37310f19c59cedb074f9542c0f6883623b7dd9a0d5a2263866d00665b79e1","ssdeep":"384:MtTQEkR10Hjyj2tTBDEM0eN1sWNFQDek3TSyk8xyLPdDAz/GscVZs+FLeMQ4f6T:MKrmPBDDUWNyRXyLHsczFaMLQ","tlshash":"dfb2f23ed54526e9fb43a12c60d8dc5a7c530a87f7d3d81517e298da64e80cd9f10bb8","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.600378Z","times_seen":2631,"resource_available":false,"data":null}},"time_used":397,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_MTDZ.a19b7e2f.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_MTDZ.a19b7e2f.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-632\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"a19b7e2f37d6cbc9195c622e1fa7babc","sha1":"58b92b0ac53dd255b6d102cc16b6bcc628305c0f","sha256":"012d020855cf0b6f731ae1d9b41c2a250dfa87454b362044afcb1e216683f1ec","sha512":"99dc08bb010e3aefd41ab2147bb07f02e530c9d02daf6b82a57c1213c6e200b43240b39a6ad50c011527186c56269c8016feeff894fb84397904e1be72bf589b","ssdeep":"","tlshash":"c231e7f5504158ce646b5d350cd04358f1a74a7e272a34415ab763a5426613d1bc6b36","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.960576Z","times_seen":1245,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/bg3.04727382.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/bg3.04727382.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-50a6\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20646,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 385 x 198, 8-bit colormap, non-interlaced","md5":"047273827a8a6a021d164be6299cfd77","sha1":"522adb2c39f10423edf501eaee62d9beedc336f9","sha256":"448d4ec19ac86b573567fc570025719965183b9d0eeda1dfb5e4cea00eb61bec","sha512":"9d97d04fc97251cdd36b5a6f635e238c55eaafb9fcba574ba90be0a2d5e1e24e2c64c0f47d6038f4f0f88eafa6b7a0cbade152640ab7181986fb17771dd61013","ssdeep":"384:8bQX31RWSSKLez8woYyhl5r2TiPjlEIOQkN+1REhxxiEQzAbgEDdGEciT3DYTQCG:8A3j3nSzGzhT2TiPjfOMREbaA2ENTau3","tlshash":"f692d11657a3ab785de5bda1c56c862f1ffbc5058762dcc0dcf8979e09910038a07987","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.932055Z","times_seen":1767,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":398,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/gamingPlatfrom/findGamingPlatfromListSort","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/gamingPlatfrom/findGamingPlatfromListSort HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":405021,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (63754), with no line terminators","md5":"bafe2f8052571f7c019ee7ed8690d6a0","sha1":"df951593e875844b866ca03c376d74a50420f18f","sha256":"6e31f63663d94cdf6d22818f8484247a2d0cb7d7b454121107f76b8151930678","sha512":"118a7054e778b6d30b984039c45344b19a2620b8459cbc188832a746bda49f0778ae5e7d8dfa33b3960c272939c8bc587f6cf8e5d0e25d5360944636fbda2491","ssdeep":"1536:l+nfeL6rh6sO2qGS6OcawBNsSuFO9iED9j6PCn3lwkBTLq7JE7:l+nfjrQsO2Na+iEAPc35TLq7JE7","tlshash":"cf84059312de4e08231f06e908effcd9d9df590b98d1fca99405cfa0a5f97b1221935a","first_seen":"2026-03-31T02:30:20.344458Z","last_seen":"2026-03-31T13:56:43.588788Z","times_seen":8,"resource_available":false,"data":null}},"time_used":952,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":952,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssl.captcha.qq.com/TCaptcha.js","fqdn":"ssl.captcha.qq.com","domain":"qq.com","tld":"com"},"ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:03.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.captcha.qq.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"62:F5:EA:26:0F:C2:28:21:1C:74:6C:B2:E3:19:6D:7C:66:D5:E0:70","sha256":"35:62:9E:32:B6:A9:94:F6:C5:7C:C5:62:00:F1:5C:C3:F5:D4:69:07:BA:0B:E7:72:F9:6C:6C:CE:26:BA:6D:68"}}},"request":{"raw":"GET /TCaptcha.js HTTP/1.1\r\nHost: ssl.captcha.qq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 31 Mar 2026 13:56:04 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 99680\r\nConnection: keep-alive\r\nP3P: CP=CAO PSA OUR\r\nServer: Trpc httpd, tencent http server\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":99680,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6dc4ca9f1efbcb232c925de44d25b502","sha1":"2bb440e7908c7b4db175075685bad4dc0de328e7","sha256":"d4178c894f1d24b0b69d3d66b42204be3d63e199d25e39b2a53fa416b8c89f8f","sha512":"365ae8c212d95d919b1f141b273e2a24d2c321c9e243434d5ecb3560498201eeb4fda1938fe4153eb1d3802989c4396a75f084d907b45baacdfe0c9d5760db2c","ssdeep":"1536:TZB+ZYK9BnHl7xTYeu24ozqA7R/hISgScvEPhZOWmBW/MNfH4OYsgP+3UKq+0XYy:DwxTYeu24ozqA9/hISgSGOOpBW/wYDth","tlshash":"cba318deb3f1762d05ab6194cc3b9d8e64374c50c018f1b5cfb98687b628589921bf3a","first_seen":"2026-03-31T07:53:15.76128Z","last_seen":"2026-04-06T15:33:40.954277Z","times_seen":45,"resource_available":true,"data":null}},"time_used":3326,"timings":{"blocked":1095,"dns":1,"connect":280,"send":0,"wait":288,"receive":843,"ssl":815},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipwho.is/","fqdn":"ipwho.is","domain":"ipwho.is","tld":"is"},"ip":{"addr":"104.20.44.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipwho.is","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 08 Feb 2026 02:54:08 GMT","end":"Sat, 09 May 2026 03:54:02 GMT"},"fingerprint":{"sha1":"8D:92:FC:3A:95:FA:D5:B9:07:80:8D:11:7D:02:D9:48:6E:31:E9:BD","sha256":"5E:6C:D7:C3:E3:38:C8:D3:F1:BC:74:0B:00:E0:3F:84:F6:19:53:45:CD:82:18:8C:91:90:73:53:8C:57:40:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ipwho.is\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kg365p.com/\r\nOrigin: https://kg365p.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e4fdafdeffeb4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0c803446e75fb294408787c6c64ee800","sha1":"0962274e1fa925799e2d324dcaa1b173a2bbed98","sha256":"ae8d49b8344fca5c61af3aff17d9b1d3f272d198edf935f94b322463b15b57e2","sha512":"fcc0c8057e91b44bda5b3a4e976b202ee97a7127074e4a30026b291cbb5ebe9c0c8d1a626453b2fccccfa46eb67be4bd37dcd855671bdb064e1eeaf262a18276","ssdeep":"","tlshash":"0da0220f2300383a02022e8330080a8002e302f0e0c0230aa00c030e3200cc020e3008","first_seen":"2026-02-12T02:06:55.383473Z","last_seen":"2026-04-07T10:30:13.559809Z","times_seen":591,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":4,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/logo.eb4624ea.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/logo.eb4624ea.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-1da0\"\r\nexpires: Tue, 31 Mar 2026 13:57:05 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7584,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 166 x 66, 8-bit/color RGBA, non-interlaced","md5":"eb4624ea8ffb5e307966a84557cbf405","sha1":"47058f3650b7c31a465b9f1c47a9196c6e4f4082","sha256":"eee4d7c3fb63bf9967429afeec9f0967ee2343c1bac732a099d33a520f9fa332","sha512":"95b1862cf7d68491b110c27c3fa5fa6a5d80816328d6aa2aee019319409ad5a69b9fad7f20d694af0b5b732b3841e092908aba4dc3b500d7435a0d9c01c2a177","ssdeep":"192:rSnknyAAhbEhApHowMC5AfpDMkds3QiNPztdgHs+N:eknyAAhboA9BF5AfpDMkds3QWd2s+N","tlshash":"6af18e98f5011d642b086645a0d9427f7f2b87c04e87dac7a9ce9e630c701b8ce8e7e3","first_seen":"2025-04-05T11:33:17.278673Z","last_seen":"2026-03-31T13:56:43.621145Z","times_seen":22,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":355,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/speaker.ebc59d71.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/speaker.ebc59d71.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-621\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1569,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit/color RGB, non-interlaced","md5":"ebc59d71c5a8e8ddc1be564451b9ce73","sha1":"61431e58b246fce273f8db215bc15ca646d1d332","sha256":"27dda505992003f118375fc0103d7d9c5c6665b75582f01702465f7eafb0d194","sha512":"e7d6a36ba3b47ec99c38d6298704a7e321b6bb6efd46aa8113745fbf6e0682e50f16157d87fa273fa471832ba4a818568829830141626d124a7fa0cec07e151e","ssdeep":"","tlshash":"8931b74dba183c8161dcfb6560f6422b292326c0ca84f4507dcec4c258ad1f9689d0eb","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-02T04:04:02.186896Z","times_seen":335,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/popBG.eac2a5d5.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/popBG.eac2a5d5.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-1eaa\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7850,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 936 x 560, 8-bit colormap, non-interlaced","md5":"eac2a5d59d573dd55122363611a40f87","sha1":"fb38422af4280281abb82624eab81ab85ea74503","sha256":"7a8a530484231d9d492e3252f5e18131ccb5e05b03f6d8a19867fe4e5ae52a31","sha512":"8cbbd8be0f6a0f744930112c79b21fb2675bdf8394860ea923b687215740d21c3ec82028635678d6787ce830ba0da15129e3d79b6dcb997a68ca6c149a488354","ssdeep":"192:r4JWjpMhWEE/s5dvpw1kUmp3b8kryjMOPCQu:rYHrJCqp3F6MOaQu","tlshash":"91f13b7a9b935891178ca3bedc1e2434f78d79d4d2f7a1aaae30d30afd84b6d1005346","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.947478Z","times_seen":1353,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":486,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/FW_download.896ad185.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/FW_download.896ad185.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nCookie: acw_tc=ac11000117749653659397242e0034af5a27460be5876460cdc5d218f92a7b; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-3afd\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15101,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"896ad18571c151b15a2fe6cb9bb0ffbb","sha1":"1ac84287f4ece8d98d1868518460c0bc9cd83099","sha256":"fa947e9daa25ac70fa2801752ecaafbd98c928b87f1473fb3c131544363c9656","sha512":"e55d4aa49a1065887b67cb7689834fc6c64f570c84f6cab428c5d742981a96a5325c7aa57b75fcf208d9150d96a95b526ed87e63d3d3921c8bb6699e1e446eff","ssdeep":"384:Zl/C/jTwj2dnRO947fDkhshsljv0qajDz:ZNWXwj2de4bDkhs6jqL","tlshash":"b362d0d4ed78229ecc074c4783444c54f7aab049196572d0aff934b0268bbd84595dbb","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-02T04:04:02.180621Z","times_seen":332,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_KYQP.b2d25cfc.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_KYQP.b2d25cfc.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-9c5\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2501,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"b2d25cfc8bdb879fbec978c2c8d7402d","sha1":"27378ef9d3e83e26c23d391d0e5168ef01571d28","sha256":"e05ffce656d883679b2e3bb3e3ff8bf7ced866563aec496339fa3a5b66bf0af6","sha512":"aa4acc9e23f41cdb0d42eb9a99af1fc5851415db1455aca39695842f468d32bcc280f5af9331fc60de678617ce655774597a94923cfc05e483ff4a12d4f8ba61","ssdeep":"","tlshash":"3f511aabd7c0eabd906fb407c10d0749b5b99191eee0046330f2ba59e6c80c965cca03","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.667683Z","times_seen":3059,"resource_available":false,"data":null}},"time_used":352,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":352,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/foot_logo.9ed303a6.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/foot_logo.9ed303a6.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-1a57\"\r\nexpires: Tue, 31 Mar 2026 13:57:05 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 204 x 43, 8-bit/color RGBA, non-interlaced","md5":"9ed303a6386f5ee88f5ce850b4a52e7c","sha1":"3ca7e7310dd4121668314f0c511ee41c076ce47d","sha256":"a79540365d878918de9e8cd1e350b2a32838d6ae214986535740e87803b979dc","sha512":"0a0e929a2bae33e64947460220e43a64dfc20bbe5ea45e2252c5bf443e1d91132e3d21ba3c5f6c38572c54b8e357f8353fe0c6b4c05fdfbf8ca5e53ab623a89e","ssdeep":"96:ySi4knmWI5lQ2ijNG4GxbH30HAiIHEKR/8SMOeIu9jwS5Ayb9LHAkJfGDOEofafi:ySnknyajgbEFIXUS+HAa8k4qDCfpHfkd","tlshash":"c8d15b68de80d440ad6dd714a4f6f8324b6b4bc6ef50c841accacc2698415face094d7","first_seen":"2025-04-05T11:33:17.24619Z","last_seen":"2026-03-31T13:56:43.595038Z","times_seen":24,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/memberManager/validCodeEnable","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/memberManager/validCodeEnable HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659417524e00321ee300b3735b536fff3fdadaf142e99b;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c58d1b46911d88cd1aeab63f157ffc47","sha1":"f81542d87916ce58893b87a2e888c4b1af4be9f3","sha256":"0b219ac70a17106dbfad237e8feda1e4155f370d93326aec1d55b6cd05f5eedf","sha512":"ea38780fadd52ceb6f0650929e4d33a1f335a3884add3d1e54e6ccec738b85134e27c3aa20034e7d876116ecdc2b486afba58bd57d01845abecfb2767b59d6cb","ssdeep":"","tlshash":"a4800450341540130c44444c0405c7115d3055540d0513d441cdd1117044dd0d007c10","first_seen":"2023-04-08T20:40:15Z","last_seen":"2026-04-06T15:33:40.932616Z","times_seen":946,"resource_available":false,"data":null}},"time_used":759,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":759,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/memberManager/checkMobileLogin","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/memberManager/checkMobileLogin HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659363677e003d65a2e943757b16e2c3e4fc2484b219cb;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"04a15be29d9e664a9211d14f730a5263","sha1":"a41f7d4f5f1d44bcd52e2cba46e1687e69b016a6","sha256":"9d708a8c6fba84dee214f2573029eb53a2464719941b95f2eaf13afe9a37c3ca","sha512":"e568ce71ca8858b6507c0f263e0920bc82789bdcf7f093ef0f1138b1f264787d2098733b5c6c1f69f054fd465efa0a3e430c6850ea7fd2d61f879615b77f0c84","ssdeep":"","tlshash":"07800450341540130c44444c040457115d3155540d0513f4c1cdd1117044dd0d007410","first_seen":"2023-04-26T20:57:49Z","last_seen":"2026-04-05T14:06:21.700114Z","times_seen":780,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/loading.012e69d7.gif","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/loading.012e69d7.gif HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: image/gif\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-11905\"\r\nexpires: Tue, 31 Mar 2026 13:57:05 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71941,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 280 x 280","md5":"012e69d7da2e7244315ebd6266e39c2b","sha1":"a87f3bb105bedd077ba631249f1fac23da6093fd","sha256":"5af491cda6c22e95a031113b0e3e1650a079af96019b241e71fc53c79c453a5c","sha512":"40586a47155e6081c3e81333330ab7c74e958407bf1a101bbf3e65f33d65e2a9ae9b3fec27479247ea1ad74a53b512cbd4196e8890c0af207e87a04dd2145ab3","ssdeep":"1536:glizh03pwDlugLelxWpiD9HjkKMF8aNzH/6u5lZDVYajJ0Vd5BwD:glizFelAwlQF8a9HRHD1jJ45BQ","tlshash":"5663af39d335073ad62b8bba511750cb140fee2d1ea199638d24a5f71e10a6e706c8fb","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.962052Z","times_seen":1348,"resource_available":false,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/pic4.bde76413.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/pic4.bde76413.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-143f\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5183,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced","md5":"bde7641308cc262de77c9804e7c4bcd0","sha1":"c56a012d8adb59665b5f33e2b79854276847cbda","sha256":"53e995fabb2de3bb2dcc6187c353c5c92f2d88e112ec4ea106f34427dd637fd8","sha512":"faabda45d21e46f24136008774fc7743bdeacdd3db2f13359f9e90486c828e598d8556bf8f99905dd6766ece2e7fe6becf47dea29addaaa29949e22856501f9a","ssdeep":"96:mQ7aYx/gsrVMi0Iv12ph9iMLCPUuySqS60Kg5iBdXYqE:mYgEWix23BCaSN60KzBBYqE","tlshash":"cfb16ce915d12d0232d8d46eb8f7e43dc739b980c3a0e888709a81d75b961ab18280ce","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.930306Z","times_seen":1840,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":418,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/white_arrows.f434bf84.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/white_arrows.f434bf84.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 262\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: \"69c89266-106\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 16, 8-bit/color RGBA, non-interlaced","md5":"f434bf841addde4e6fecf6ba2b8e150c","sha1":"66bcc06c89a9ccc1345d51dcee7a832f6d801e6f","sha256":"741f7db86383915f476995623b0b0ae2718f2b4ae250a45fd3f3f2ab306bbae5","sha512":"44c35adb55236ff509b2835b97b20fbe036e55d4fba0627858519ee104888966d148579ccbff53721d037d88d8ee0521e56e0a568c51e27ccc82978806225395","ssdeep":"","tlshash":"2bd095ca0bd39db4d375c33bd14b2157963302757190910d93cd503c0421131d4347d5","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.931496Z","times_seen":1354,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"768tup.oss-cn-hongkong.aliyuncs.com/huodongtu/FYXCS.png","fqdn":"768tup.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /huodongtu/FYXCS.png HTTP/1.1\r\nHost: 768tup.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 246617\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD277710AC130355F0C49\r\nAccept-Ranges: bytes\r\nETag: \"82A7DB79F4383E2330EEB73AFA6A459B\"\r\nLast-Modified: Sat, 25 Oct 2025 10:41:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16219243480480730850\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: gqfbefQ4PiMw7rc6+mpFmw==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":246617,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced","md5":"82a7db79f4383e2330eeb73afa6a459b","sha1":"84166e2c1cc142a13c0ae2acbd071dc95947f087","sha256":"13d5fe773d4f488eaed8c354eae875caf012bb8e4d2be568dabbaa32ff80de23","sha512":"a28f0ee1f7199883ecf4676b0812a69d3eefb290369564a85e06bd1e78f6c303f40f6f1fb0147499a92174b3f41fdcef34b63cd1bc3fd8113cbb84469f5d5dd6","ssdeep":"6144:jLphae1mxCDmLob7XK1exIGQePKgfRMjtOzF8+V8:BhrMIqLob7XliGKgZMheS","tlshash":"f03423dc0911a33b7a2b617dfc11dbe36ebf5ea50a414b6ca3d33d6618d280c1097725","first_seen":"2025-10-26T20:02:25.84317Z","last_seen":"2026-03-31T13:56:43.573587Z","times_seen":15,"resource_available":false,"data":null}},"time_used":1756,"timings":{"blocked":-1,"dns":39,"connect":268,"send":0,"wait":277,"receive":628,"ssl":543},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j-raw.imglok412nt.com:9663/test4/20260212/GAMEIMAGE/5/GODEZHOUQP/1770877991902.png","fqdn":"j-raw.imglok412nt.com","domain":"imglok412nt.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"j-raw.imglok412nt.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:47:21 GMT","end":"Sun, 04 Apr 2027 09:47:20 GMT"},"fingerprint":{"sha1":"54:3C:C5:39:63:AB:4E:16:5B:96:89:15:66:64:73:C2:07:54:D4:CD","sha256":"F7:E7:BB:F2:57:2A:B6:62:1F:F7:AC:7D:56:21:00:0D:C8:BF:4F:6E:48:55:33:46:7D:03:79:B6:08:8B:D0:90"}}},"request":{"raw":"GET /test4/20260212/GAMEIMAGE/5/GODEZHOUQP/1770877991902.png HTTP/1.1\r\nHost: j-raw.imglok412nt.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 2372\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD27745238F33341E8B94\r\nAccept-Ranges: bytes\r\nETag: \"4559C7A56095038D735409ED80A40DA4\"\r\nLast-Modified: Thu, 12 Feb 2026 06:33:11 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9856801486327616384\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: RVnHpWCVA41zVAntgKQNpA==\r\nx-oss-server-time: 2\r\nExpires: Tue, 07 Apr 2026 13:56:07 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2372,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"4559c7a56095038d735409ed80a40da4","sha1":"efe121e256629f166640c20818de51ac978c533f","sha256":"afd5ef809d775db42b479e64874ed78aea2136814b23180d3f44ef9c2791de24","sha512":"eeb97c530d4aeef6548a9901476b8b7709e2be0948dc8d5e1d6b7e8b675ed2f04f77beaede16ce8faca2fa7404e6d7a1cbcc9a0417faa4a0b8436e7eeb8ff87c","ssdeep":"","tlshash":"37414bef1dd0b46af70eef78323144673917b9a709a37040ad5308533c26b48b4052a3","first_seen":"2026-03-14T11:24:18.127316Z","last_seen":"2026-04-06T15:33:40.936554Z","times_seen":84,"resource_available":false,"data":null}},"time_used":1190,"timings":{"blocked":-1,"dns":51,"connect":270,"send":0,"wait":277,"receive":2,"ssl":590},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/css/main.1ae703c5.css","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:03.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/css/main.1ae703c5.css HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:03 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c89266-3706c\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 31 Mar 2026 13:57:03 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":225388,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1ae703c5a3464d3a3bb671daaa543629","sha1":"43e98c52ed10c6780508eb8d25e27443714123b5","sha256":"aa21fbc83e2939fac821fb9c61506351b2d0e69b99d4be8944b0b38a9745c8bc","sha512":"de80ac72b4b342af9f2c68825c69a9f8ad18ee917929d14a4a2c559851c0557cd17b8fd0a461f7a1937d1dd082d41cfc324927a65aa52b6b7eca2603e37cc29d","ssdeep":"1536:gpsji0pUJyV2X9cTiAyyOaGjg4anUnbJJ2YgjrrjrR:TiaV2X9cTiAyHg4aUnNYZ","tlshash":"d024b532c485241eb137c9ad52e4faca615cd08bd5161fbcba3679a9ebc20d917b7303","first_seen":"2025-11-01T06:19:14.628122Z","last_seen":"2026-03-31T13:56:43.620575Z","times_seen":12,"resource_available":false,"data":null}},"time_used":810,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":810,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/index_120.66855c3e.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/index_120.66855c3e.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-ac3e\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44094,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 99, 8-bit/color RGBA, non-interlaced","md5":"66855c3ef7a9ce7720ca564af110fd2a","sha1":"365c9c48e61a31bbcd5738ea7e26dffdfbc8347e","sha256":"773de2c969cbfbc768a1b147636af01c3056635689e187759ea19b4f2a24395d","sha512":"b81026cae351bc6e73ef494efd07aa6c1854232b5b0c4ef33ca5b3c9c90ff676188225bd1a86ae7258b741956f715de179f1fe153ac121cfc7de8dd188b474fc","ssdeep":"768:hoATFzU2XIF0R/2ArgJO3PX1QHy2D+iZ/pS4OdWko0WfBBfYW9l6wRsExj5vs:hfFzu0QJ0FIyi+iZ/4XWkc5h0w3xjVs","tlshash":"9413f2c124535c1bcb50ab17acdd0f51adc905f6d420ca9e599642ef8b6a0f6c80adff","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.970441Z","times_seen":1797,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/pic5.fe3ccdcc.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/pic5.fe3ccdcc.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-11b5\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4533,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"fe3ccdcc8a2aeb0438c8d69c5351a469","sha1":"76e5587e5436927b049e3d12cc158a82b57b8b62","sha256":"852b064b54e16d1d869075043551f03f96356e96984413162347247998494338","sha512":"f0fdff9cb8ff3656cb1c8cc8e6a44bb88b5fb107857455f13129d6be327bf04a47bcce0cab1d5209c0854265a9463329d0f29813cd09be77ea81206c6b17232d","ssdeep":"96:7Q5r7Kt1He1wRse+575sNgs2Y7INWrlRWadxetqlb1hYd:7cKt1+iNsl07IYlRWgxkqe","tlshash":"26916c15f8a468c073ccb09e0afb46294e3a6558a1f0a17268aec50b49552fd4c58dcf","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.934512Z","times_seen":2297,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/H5_text.709a4d7d.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/H5_text.709a4d7d.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-418\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1048,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 21 x 87, 8-bit/color RGBA, non-interlaced","md5":"709a4d7ddc086cc9324fbf4664f62893","sha1":"c5e0293599d458eb5437372c044782b17d3096bd","sha256":"9e9c519cc5c4c27099601fa756e0cc4c9800505974dd15be8b7ef2d0390037a4","sha512":"b96855ba324a7e472f332b9df750be179554b0be6476a911a4a084b602319d6e659a5ac41d484cb9c50dfe5fa0a3e0d936679e47484f8e5bf6055795c72ceec3","ssdeep":"","tlshash":"2811b5f65be247ffca6632b500b987243ab88851ce639f5900566278800602a19d2a0d","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.971002Z","times_seen":1336,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/gonggao/dailiPC.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /gonggao/dailiPC.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 469067\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2789B1BC933364D14EB\r\nAccept-Ranges: bytes\r\nETag: \"9E0FCAADA0226B9CD118655715A5410A\"\r\nLast-Modified: Sun, 16 Nov 2025 15:19:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16194416425576089717\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ng/KraAia5zRGGVXFaVBCg==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":469067,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 848 x 520, 8-bit/color RGBA, non-interlaced","md5":"9e0fcaada0226b9cd118655715a5410a","sha1":"866434c9d741598b8e6de7b343f7c9a1a7b46a33","sha256":"23212e50d388eef3939b63950b50d5608d42e08e5aa8b198f4983b076f2bbfef","sha512":"e5182f1a3fb2e0045e0fafa6086209d6a9e3d530014e56f3a4f87a723b8d1ff305bf084f24f85a4d3466480a3145b2bce4d03e8e84766b9c0a3f6873656fb9bf","ssdeep":"12288:I8alHlsltEIUYuCS6tn7j9Anlcls4JNPwOqeF:gFspVAnlms4Lnn","tlshash":"1ea4239b2950dd2bd70962b592065d53037ec1a80edefe2cfda963b0b972484a43dccd","first_seen":"2025-12-20T15:15:27.545663Z","last_seen":"2026-03-31T13:56:43.596022Z","times_seen":11,"resource_available":false,"data":null}},"time_used":2845,"timings":{"blocked":2466,"dns":0,"connect":0,"send":0,"wait":274,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/black_message.648bd7bd.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/black_message.648bd7bd.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 462\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: \"69c89266-1ce\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":462,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"648bd7bd1b57cd47f5c4f9d093e6cea6","sha1":"0db14db60a080c02fdda069e61ca35af86b187b6","sha256":"dcaa5839999300e29dcf413a5cdd74bb4d8461292fe4532936722a33761a0f8a","sha512":"d149190cfeffeb01d9b049ade3279919da8afb4a968c9bd79096ca8680fc5c5c9335b50ae88b9166940323b268b109990f15495fffae8a0790ad24ef54f30aa5","ssdeep":"","tlshash":"64f00ed395e8142fcb125b13839c2554b87c655451a2f80ec401417106bf50040eb38e","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.949026Z","times_seen":1344,"resource_available":false,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"768tup.oss-cn-hongkong.aliyuncs.com/huodongtu/SJNW.png","fqdn":"768tup.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /huodongtu/SJNW.png HTTP/1.1\r\nHost: 768tup.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 247142\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2770569373935D29650\r\nAccept-Ranges: bytes\r\nETag: \"CE8D79617568E18A879BAEAD9634A6A2\"\r\nLast-Modified: Sat, 25 Oct 2025 10:41:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8274577146540509145\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: zo15YXVo4YqHm66tljSmog==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":247142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced","md5":"ce8d79617568e18a879baead9634a6a2","sha1":"3f86e716e9c7572a69a4c5374ae21f9d1e925282","sha256":"b2b04346f7eadac088bcf13573300c52b558baad62816077032759a131f97450","sha512":"c044c6821fe5500f09d7515f55404641b09fb3a8ae493e3541cb865c19d8568b6e6c43f117c6b24f730d1b17cc11ce9010f5bc0b7abacd419801081aa5c9dc58","ssdeep":"6144:IImaT9wfMEaYPVjdoKeLeF6WSwrMfnq95/2nlUQGx:I4TeVjdou8WSA5/elUQGx","tlshash":"21342343273ebdcee470e16d8bad5215a30c728ecd792ba1299f4a4e076c1516bc0bc7","first_seen":"2025-04-25T07:12:35.841323Z","last_seen":"2026-04-05T07:25:07.226958Z","times_seen":26,"resource_available":false,"data":null}},"time_used":1993,"timings":{"blocked":-1,"dns":52,"connect":297,"send":0,"wait":307,"receive":736,"ssl":601},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_THQP.6bdd5ad9.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_THQP.6bdd5ad9.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-b11\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2833,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"6bdd5ad9d4099739e01c78f009e84af7","sha1":"337487d219eb37f163526c3240d59657c343d162","sha256":"e464948183a1172d7943b6c0fb0fe72377f9526a3b5dc180a1a7b42784558f94","sha512":"4dbce6231fbbaf0eefc7d0e30e69ddc511326ebab8dd1c8411f77ab70888686c745342ee56cde307f78f868b3f6416f25a18eaef1dfb8383b749bed7acc70bbe","ssdeep":"","tlshash":"e7513c5023988506e38ecc75948d6a30a677b7159de303df3b6e98d61c32d2806d31ee","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-05T07:25:06.930115Z","times_seen":757,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/api/resources/banner","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/api/resources/banner HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653657836148e0032607236d105e769ad3f83efa728cade09;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":383881,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"8ab31455509f69fe9d81b82398604a6e","sha1":"c1b55946c9cc657fcfe3e9f3b695c11d2691673a","sha256":"118630cd55f59c3422ff529cae8e02457d2d2e7505def771a3a396992e63102c","sha512":"ac9f438c08537382942b2d29557dae7b7695b4632e2896390b77b4863e4270cae003fab44282256ab89f8196710923bf6f1b8b39426f547348e66333d62c77c8","ssdeep":"6144:K04JCHQqyGbKPJmTlKeQ5vZR4sIW+2NSIQ+oLzXZI0xJ/J6q:KXCwWbKx4uuIQ+Il/J6q","tlshash":"218412b00a6bad6bd3eddbd4013f3f0ac776478985e4ead70dc1b98d4b49b910c42a64","first_seen":"2026-03-14T11:24:18.121894Z","last_seen":"2026-04-06T15:33:40.974175Z","times_seen":84,"resource_available":false,"data":null}},"time_used":2131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/app_text.5c47b6b4.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/app_text.5c47b6b4.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 801\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: \"69c89266-321\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 84, 8-bit/color RGBA, non-interlaced","md5":"5c47b6b4d2f3f7a1488a000e4e59e0d8","sha1":"9c0ee73429d47087c235c389c6089d43cf03faff","sha256":"c5ef3f437bb30990c937a715aa2e11da55025d46bccb03eaa38e852a451c5d0e","sha512":"bc992a4e8aabeaefc13631c45da39a8b3bc64c7514b1ecfa2430e32672e4b00cd75be82111af4863fc67ba5922228ca5045764069cbf424e1e91953339f18875","ssdeep":"","tlshash":"440186a962508bcec5cb567dd83610d3671a90e0829941ddeab1a9f46c4062bd00d202","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.925384Z","times_seen":1339,"resource_available":false,"data":null}},"time_used":386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":386,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/gonggao/yiwanxianjinPC.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /gonggao/yiwanxianjinPC.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 518151\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD27822AAFC30354CB2A1\r\nAccept-Ranges: bytes\r\nETag: \"BE804C48B999A8EBF549C1C26A2AD0C7\"\r\nLast-Modified: Sun, 16 Nov 2025 15:24:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12689394821183163067\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: voBMSLmZqOv1ScHCairQxw==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":518151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 848 x 520, 8-bit/color RGBA, non-interlaced","md5":"be804c48b999a8ebf549c1c26a2ad0c7","sha1":"9ccd970fce60ee5dc09746c038f760eb4e01823c","sha256":"f1e9e10b8a13e78868b2837af1d5fd514174b20f5a90767759f56d719b3fdf3c","sha512":"4b1fac2b36835fcc296354057e9879a50a213dd4c0e4798808136465c1c2088cbe824e9fcc907ef5d2b77c24ee2be138907d7488890774c56e46d04561b724ba","ssdeep":"12288:nzn/E09L2fbOQ7ozwYF5BdZGCVOyfjhGQoCtymUXkAP:jCr7oHTHZGCJf8HCcDkAP","tlshash":"efb42381398b42af4a2f20ce14b441df1cff87621073978924db6b76a55df287d9a781","first_seen":"2025-12-20T15:15:27.520442Z","last_seen":"2026-03-31T13:56:43.596546Z","times_seen":11,"resource_available":false,"data":null}},"time_used":2955,"timings":{"blocked":2530,"dns":0,"connect":0,"send":0,"wait":292,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/white_message.0f2c889a.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/white_message.0f2c889a.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 408\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: \"69c89266-198\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":408,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"0f2c889ab60de83e088fbea886305bd7","sha1":"e5f597de0a3a4235fa1f8eb4738a14f81eb90aea","sha256":"8f9e052c030ff2f8a99fda4fed5c1d95298858c9a3645d2cc637a1d1a5fc8a91","sha512":"716a2fa6d1c8c98ef9d1e380261cded37d3455de128faa8ce0b975d6847cb6ab020ae6e69d6b9936144b1b6638b05ac3a191148ce3500984248c6d0973e93b5e","ssdeep":"","tlshash":"93e0f14b4399a87f5bd7c6b64f41e134992bfe784aa3404f0a34e67f455245dc8c2783","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.962568Z","times_seen":1355,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":486,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/lunbo/hypc.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /lunbo/hypc.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 944465\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2781F19783630687B8E\r\nAccept-Ranges: bytes\r\nETag: \"FD0F9C368D1828B5BE5B6E66FE7644D0\"\r\nLast-Modified: Wed, 16 Jul 2025 16:48:01 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1383698504282325787\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: /Q+cNo0YKLW+W25m/nZE0A==\r\nx-oss-server-time: 9\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":944465,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 400, 8-bit/color RGBA, non-interlaced","md5":"fd0f9c368d1828b5be5b6e66fe7644d0","sha1":"7c639a4531fd0ef86a1fbbce5bbce1c4afffd353","sha256":"40a2b01b6592f5158f1759c66573dc078f17418a43a7231ad399103cf67510c1","sha512":"f510d0ed6b7305ec872526f1b620e4b6d2aeaa1a321a9584ac9e7c0c295a1987162ac94502ee1e40b5b5f365544f9c52f8cdc6bb633567f4d968095f9875c243","ssdeep":"24576:G141xp+dIJ75T6RIi9GR3HCWz3uc1zdYYuZI0Y5Wc:PmIJ75T6v8R3HCWCgzWYd0Y5l","tlshash":"7415334e4f8fd3e5c7c6cb0c549ccf58eb1cde89e9cc808c64b61c665b7a12910a659b","first_seen":"2025-10-16T06:50:05.053746Z","last_seen":"2026-03-31T13:56:43.591702Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2838,"timings":{"blocked":2028,"dns":0,"connect":0,"send":0,"wait":312,"receive":498,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"768tup.oss-cn-hongkong.aliyuncs.com/huodongtu/XBHJC.png","fqdn":"768tup.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /huodongtu/XBHJC.png HTTP/1.1\r\nHost: 768tup.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 233513\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD277F27FBE30355B67ED\r\nAccept-Ranges: bytes\r\nETag: \"08ECB04145D699971419B137A11E8E99\"\r\nLast-Modified: Sat, 25 Oct 2025 10:41:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1782035319550295830\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: COywQUXWmZcUGbE3oR6OmQ==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":233513,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced","md5":"08ecb04145d699971419b137a11e8e99","sha1":"f841b436cd4ba5be4b124e19d84f497c87176ef4","sha256":"9584b292ee5841f087b54a8757fe0b6ba785c56d62a20005bf642a035c3615f7","sha512":"7017c9bf6038982a0cfb58e02584e8d9e31c6953628032370f3300c6261e47dc12d4eccffd099c6371ed1ad86e619c4f239089dbb4c6f53c1e757c472b9e3a0d","ssdeep":"6144:9WRV5H/+TI7A5Y8ptEXKfeqW/9iH5rukYIFA:9Wj5HF7f8kXKfeJiZrukdFA","tlshash":"003412a5717eab0a1d27a04549b2e1f00afaab4c41bcea477d5df4fc393d087e68804d","first_seen":"2025-09-23T03:46:16.101843Z","last_seen":"2026-03-31T13:56:43.657991Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2099,"timings":{"blocked":-1,"dns":42,"connect":289,"send":0,"wait":291,"receive":891,"ssl":586},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_FGQP.ff6c46ab.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_FGQP.ff6c46ab.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-7f8\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2040,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"ff6c46ab3cb4ea3eff0d00ecbe3101b8","sha1":"b9100ccdec9b188e523cdba650ec1af2a889b515","sha256":"f182c913938f5a2c9b0ca1cd946d88d9cd4ac054c3a5735d6301bbac03750773","sha512":"2586aacac1c93ac03ba9baf8a9a22b02cfb0623043bcb6456476d89ecc9a5e7fc0c8faef6ba95ae47d650ec2ce7e86856d970a3d45fe276d9830273fbf5d4d91","ssdeep":"","tlshash":"f04108efea8f6b902575a62b9028e55becdfc595f1c6c00d849d46233a5e2c092280f4","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.568021Z","times_seen":2895,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_AGDZ.7faaf5d2.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_AGDZ.7faaf5d2.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-a07\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"7faaf5d2cf0fb875a07cf7721d2aa8ce","sha1":"bae0432326274b8dc5323614b1895ad963ebd16c","sha256":"5e83c3a1047365d4e4b137229d0b79ce5d07799915251a9064cb90bcd35110b5","sha512":"c11f13c2f96d14bde4f6588bc1bea1bf707a877450f5fd92b2b1251d4f868770ebb80c8f094c0cff29a8575d570520640f84a12bbef79a2b9884630ea16aa9b5","ssdeep":"","tlshash":"84513ac50b1988bced2ed848887bf183f4466e3a01354b5d763efdb59231069d2612ab","first_seen":"2025-05-22T13:28:36.953375Z","last_seen":"2026-04-06T15:33:40.909493Z","times_seen":739,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/webconfig/findByRecWebConfig","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/webconfig/findByRecWebConfig HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659336186e0032e62dcf9497cd8df9a6f8eaba8b8accb3;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":2069,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"869182d342b15fc8ad2012e7a76429d1","sha1":"46ed748cab3f07524a36c2d1781c7e3ff9f56328","sha256":"93517c0c76c1349becffdd1af338abbc3005ce460ad4d12004957bc0a6154e75","sha512":"43e4a604661eee320e83d1a3ef890c367becc9bdefdb8080547f93b9c1a897c89d270808674b636fbbb1aab68f06779da37cf6f8f3ab3aa24024660bebbd34b0","ssdeep":"","tlshash":"4241efff13cc512f834a03ed2ccf987c99964a97544608afd44619aac2dd9b2220eb90","first_seen":"2026-03-31T13:56:42.583972Z","last_seen":"2026-03-31T13:56:43.582015Z","times_seen":2,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-31T13:56:02.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:02 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c89266-4b3\"\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Tencent Waterproof Wall","description":"","website":"https://007.qq.com/","common_platform_enumeration":"","icon":"TencentWaterproofWall.png","categories":["Hosting panels","Security"]}],"data":{"size":1203,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1203), with no line terminators","md5":"b8bd6a05bccbba801a950dbb7189930c","sha1":"2db6dfa57ac45efe3ee6d5187a267b3614f05ef4","sha256":"913880d8cf71168b8f1910bc52e05aa30a25861b5abe38d053cc0097a37bb0ad","sha512":"7b1808ade31c918e3edc781348d4faf965eda0df3e8ab54018d1be452afddde637870764d6567dd9c034d91796d755d85a4418ca4581576b3bc00685b2c281a8","ssdeep":"","tlshash":"2c21ce63cc05c8885760069af9b1f42dc04ed41defb1ec51ede714aa5b94fad1c68494","first_seen":"2026-03-31T02:30:20.368513Z","last_seen":"2026-03-31T13:56:43.649602Z","times_seen":10,"resource_available":true,"data":null}},"time_used":1273,"timings":{"blocked":461,"dns":42,"connect":210,"send":0,"wait":351,"receive":0,"ssl":205},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/pic2.9c254e92.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/pic2.9c254e92.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-17f7\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6135,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced","md5":"9c254e922d92a0a0161522840f7abbc4","sha1":"df70cb2a35c764b55d0be55fd04225d25bf42cbd","sha256":"312f53ae25564cde8e57ff458ed8dcccb34d62fd01d3cd8e838948019cd711ae","sha512":"e81a284cd687c1216035e7ebceb1a66ca88ca57ac0b100231bd84b91062b6f6922f735d52c8c4567bcb82945eaea508ac6546d6fa16856eec60cc11a0df17bb4","ssdeep":"96:WQgrJfFyKkS2TIxwA1LVD+/Qqz3CdZrbzycmP5/ee7ncB92f4YznEQqQmeZbEsF2:WfjTwdYk3CdZr0B/eknoAfBzEQqQmcl0","tlshash":"31c17e7dee4475051a9ce87a2caf89270db40595cf146042ff4c915b4e807b749afceb","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.94695Z","times_seen":1838,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":422,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/gonggao/dianziPC.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /gonggao/dianziPC.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 482457\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD278CD9B3435326F01ED\r\nAccept-Ranges: bytes\r\nETag: \"95D2B6412A61303F5012601C19A79B74\"\r\nLast-Modified: Sun, 16 Nov 2025 15:22:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6422526457590890254\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ldK2QSphMD9QEmAcGaebdA==\r\nx-oss-server-time: 6\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":482457,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 848 x 520, 8-bit/color RGBA, non-interlaced","md5":"95d2b6412a61303f5012601c19a79b74","sha1":"a72bab2d325558a89b7a90d3a8e2e984ad49f697","sha256":"99fa90008d05f60e68cf57716b19d9d2dc24c4dce363165d91a33befb03e7ccc","sha512":"4926ac98da13da624e160b25f2a5c8804b21965c3209d589b9c4af83c888fcb7f64a54a25dd635aadbe34993cf335255dc2ac2f4f0bb2ed876ca9657e508a67f","ssdeep":"12288:28i1QR5aTC+RFzkM/1oxE9YA90Fq0+h42qFkKQE5:DquaPRVb+x5A9Sq0kcFhQE5","tlshash":"31a42346f914dc22851ba95ba52ff82c6b178687d27c7030a9bdf8e9f8777060c64cb4","first_seen":"2025-12-20T15:15:27.541026Z","last_seen":"2026-03-31T13:56:43.592597Z","times_seen":11,"resource_available":false,"data":null}},"time_used":2933,"timings":{"blocked":2512,"dns":0,"connect":0,"send":0,"wait":293,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_CQ.4fd2edb2.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_CQ.4fd2edb2.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-41c\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1052,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"4fd2edb21d0982be51da073a20831a4c","sha1":"0474600a4682d64891df89ccfc5305f46d21f005","sha256":"0b41b7c5df2a9460671ffbdc2544d7e79a0a78d65cd10cd2a9694eccf9720489","sha512":"b7dcc38db316f53e81a451a8c35bd2f878b1e371c60b41b5b9f38236ab631e9f87e6f9190da5b93fab5be877378a18c1535c1b44d51e787509ebfe70ed5e0b55","ssdeep":"","tlshash":"9411b5eff9a1996f41352d940219430d46ee335b308a00e95384c0be1fa0d278e41b41","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.611536Z","times_seen":3030,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/bg5.f00b3b67.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/bg5.f00b3b67.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-5f35\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24373,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 385 x 198, 8-bit colormap, non-interlaced","md5":"f00b3b67ffffa718cee55011d1299e71","sha1":"71e23f329b55119709a2ea4eec6d4a71479789f5","sha256":"fa94d115329b5148fa2ddd8dde6516eb56863fe09b048cfd0f489882e5a5431c","sha512":"8da1f309a95404939a68618a063f59f0c7553aa1ae8719cf0918a9d2cce8b7a9ea55bf48b2b59912d7e7e66041a9ddbfa5de01071b0a30ae1763f6f6a902fa29","ssdeep":"384:Paz2mIrt9pg/TZt5hTzsEGgXIWiQlD5pZEPZWoGvBqblUaEB/Brh5b8oLKXLWj4F:QUpgU+iQlDXZpoGvBq5+rbpAWjIu7v1G","tlshash":"99b2d16d5386cf5c93156c938138be504e6aa395c5a6dfdf82c38151bca2278f2d4383","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:49:03.510496Z","times_seen":2117,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":393,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/pic11.c5b273d5.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/pic11.c5b273d5.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-4863\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18531,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 190 x 206, 8-bit colormap, non-interlaced","md5":"c5b273d55790e3c07b1b4dbd16053d32","sha1":"72a7dfc6e216b601f912940648ef4ccd196d18e0","sha256":"e27d5667c7af476e8e4c749be19d6617c843f03e556fe7ed9213adbfe2aee7a0","sha512":"969762781d04e66f0261f9323c5707a977952c962c8631b925f9006d2ad516b96ecf73723594e4e6d05083843a3185f9beb18fcb0c08c4697527ef79c9cf697a","ssdeep":"384:YsLjJNF5RrWob+Y+XLPiwLKWzaoj7He+xJn2xBY:VLjzlnaYELKwu+ao/+y2xS","tlshash":"1e82d14723c0db32eafc4f7842a795daa006cc991421dd8561dbf6b94fe1f6403f8a00","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:49:03.484997Z","times_seen":2108,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/favicon.ico?v=1774781116558","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:09.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /favicon.ico?v=1774781116558 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657836148e0032607236d105e769ad3f83efa728cade09; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:09 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c89266-4203e\"\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270398,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256, 32 bits/pixel","md5":"653b3bd117cebbc214866664d24fcee8","sha1":"eeebdac1508894b4415810ba091ac3e0776d33a4","sha256":"fb1503b9ba199e7d0f22231c9f590128fa7590ecf90c77636cf2bc6b68cd9f35","sha512":"5e421b0c85775b28dd63891b84074baebd30233063c4225d4b1adb3f0205aeaa6a5e34d53cec022f36bf37a3f04b5e1a8ce13c024504917459176db017531f94","ssdeep":"384:gtA0AlRy79d7SySEL/bPoEZFmSNwKpZ4ztvyvgpWOlWRe1kHsCbvB:galk/7SyxL0EjK3QGkNvB","tlshash":"974492d8429c5c4edd442e32f5be6c4112e38cda8da945b37b81bfad3509db3aa70c16","first_seen":"2025-04-05T11:33:17.210097Z","last_seen":"2026-03-31T13:56:43.580761Z","times_seen":24,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/js/manifest.1eebaf28.js?1774781116531","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:03.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/js/manifest.1eebaf28.js?1774781116531 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c89266-7cf\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 31 Mar 2026 13:57:03 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1999,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1999), with no line terminators","md5":"7dce38f8f25e921d1a06aacf2b28600d","sha1":"aa4128182ad7dc97ef4c5bc9d6f07ab1a10ce7ae","sha256":"9e238791acfde505e312b9ccb1b6276b4f0fcc1032e4f19e2490b5ac991790eb","sha512":"df7b2a6a5f04d736ec92fa9d1cb1cb1a846f63ca45871d942b6b428c74a4fb1ebaf97b4be14b1c8b7809560f2e9c8128b8338a3cc339af5a69d487907fc5129a","ssdeep":"","tlshash":"2341c6de77a1b9c623f65854062f6178e27c3e162d7ddc64d38dd2693c34c849222ae2","first_seen":"2026-03-31T02:30:20.352016Z","last_seen":"2026-03-31T13:56:43.653743Z","times_seen":10,"resource_available":true,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/pic3.f7040138.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/pic3.f7040138.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-13bb\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5051,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced","md5":"f7040138612029fd7ff4d7be645b74d7","sha1":"9b96f2e47053ab796ea7266c4e61a70f6c24b235","sha256":"d034c575c7f9c193abee96078d0d4eb5c244a91fc48ad407ab40b7ed70e5201a","sha512":"1ef222957993b9cdaa3360f671e901f0e50fb805a41c6fc95a876cf15ccecefbb2bc044f7e6a920dde867191a12dffa846b22b64184c1370917df5240f6c3fcf","ssdeep":"96:mQ7utx/U7Pnrhtmq7pdSae4pzcRvuUolAVw2a7q+XcQ693iPEapug:mGrltmWpcaQjVIXce5","tlshash":"7fa17c68a4c0647f5aa8861236f3920f0c1e8591ddb0f96bb6ce4470dd790da1a3d2db","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.912917Z","times_seen":1838,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":418,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_PGDZ.a8318358.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_PGDZ.a8318358.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 745\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: \"69c89266-2e9\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"a8318358857a0835754e6d59f0fdec6a","sha1":"9013de0c6562cdae0dafbfef0cf083683e4d425a","sha256":"c20d43a1817b94c7e311ead898ab68663629251369c4f5d5809c12204fbe88af","sha512":"12709df6b2ade893a4518a822ff831b7b15d62fcb319f8799979b449b82016f46b14a7053ec9ed5192ac88a31497e65fcf95e070b971c8825c2af2ff85eeb852","ssdeep":"","tlshash":"0c01b5ae4310963892207a45cdee9699c6a1456a8ae40873be6f8918ac0101c3c81b82","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.94295Z","times_seen":1337,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/play.19b8dad1.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/play.19b8dad1.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 834\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: \"69c89266-342\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":834,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced","md5":"19b8dad1ed4cebc408abd21a2d440515","sha1":"c7899744106e3a021a82ad3a1b70de269a383416","sha256":"e70d7e38db1383319977944431ef78d526e380966e0fd18c600bc60c84e42bc7","sha512":"359bb088aaec7caa0ee0017ead99d7c620c213b2e6a6d7eab9f0bfd5dd9e9b79630f708f3308156a7d6b92297b7fcc73984acc319bcae4e5f326baa2d1955d15","ssdeep":"","tlshash":"a401d6dd010a59ead0ca7fd8d52000307011843483d22bbb90cfb7b1ac381a7fd0572b","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-02T04:04:02.214019Z","times_seen":330,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/index_130.e5b41a4b.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/index_130.e5b41a4b.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-14e9d\"\r\nexpires: Tue, 31 Mar 2026 13:57:05 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85661,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 992 x 87, 8-bit/color RGBA, non-interlaced","md5":"e5b41a4b88c1734230b1f32d2996a119","sha1":"a4b7fcca53727c9aacc2f8c18f8ff7c9ede497ee","sha256":"f926f05fdcecfb7ad4aeaf554aa5dac3aeba45594b9553de9fe2c30ff46a1bc3","sha512":"0374b6683ac7d663862a5bc3c2e45ba75604c7d60dee055d3f04ad504166b1b99cef5151a9247743e47f6b082579ddbe460c3ed01ced8b813a218efac0210c0c","ssdeep":"1536:vN33D8NBXq1HxH+K1gZIqxaMGb4zwwdSBeRgl52dMuOBQnkjdwAXw8Rnn2Yz1zmP:1INdOReK1gxa/b4zwwdjgidMbR/Rnn2X","tlshash":"748312a5c804e9eba7c3c7a0f6733108c86c064b78674f5b197de2dcba47186b3118e4","first_seen":"2025-05-22T13:28:36.927654Z","last_seen":"2026-04-06T15:33:40.973639Z","times_seen":784,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":394,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/dervice/queryAppConfig","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/dervice/queryAppConfig HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659385578e00354716079c51b49e48a5e90274981527db;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":952,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"63a8e9dbcad6b37569cb887ba2da44cb","sha1":"ee598024ec2c158b8eb21e4e07d6b07647f2a69f","sha256":"c61a7fbe5585c691d0567d0f06daa9a87801e239449661b459287a938cb5313b","sha512":"64d5a4efa1cdb9b91c60469d5534a6f095402cd2ccc60330407f3d6b0908145b8daf0ee35a77120591e186fd1064357e1ebd9aa979105d4152703e58c48eacbc","ssdeep":"","tlshash":"3a117da363499c6407a449cde05fbe0bc0ed285f1984e8bb85176f9d50bc7f7210d10c","first_seen":"2025-10-16T06:50:04.921701Z","last_seen":"2026-03-31T13:56:43.650643Z","times_seen":13,"resource_available":false,"data":null}},"time_used":748,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":748,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/close.5168df87.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/close.5168df87.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-1445\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5189,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 76 x 56, 8-bit/color RGBA, non-interlaced","md5":"5168df87edaaaa99f5547e9ca5a8cad9","sha1":"124759a0da3f579418f632ad37e3adaa28d08b59","sha256":"a45a90a5c231d6cb59e96834bb23b5080c7b40dc77fcbbbf7fb3ba1bb7dd2d8b","sha512":"63525f88a16c2f854ebb93b4282cc54c8da9d29695fe73f52ba9183a68f1c0b7f2e6026dfae092610953a928682f4e21cffbeb895a07f075a25523901f9c9ec6","ssdeep":"96:eJuKQr+naJkupaLjeSVo6PtpiYu7MBO0I9hfUJUckD5lQ8xbio:eJVQYalpa2SFPtl15/JUND5pxbD","tlshash":"f6b19edcf312ac3348875951e08403f4d4edb06786e38a8e4055fe5d2f62772f2658a9","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.971463Z","times_seen":1349,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/lunbo/xrpc.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /lunbo/xrpc.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 881131\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD27755EA06333915D76D\r\nAccept-Ranges: bytes\r\nETag: \"C44361A242C515B59E6E3EF64747DD3C\"\r\nLast-Modified: Wed, 16 Jul 2025 16:48:01 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11715279900441294700\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: xENhokLFFbWebj72R0fdPA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":881131,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 400, 8-bit/color RGBA, non-interlaced","md5":"c44361a242c515b59e6e3ef64747dd3c","sha1":"904406a6a23e5a9ec58295707314e57170de16f4","sha256":"2ce4a8eaff89c148b090fc38c8eb40893b06d3595e2ab56f18bfdde1f819a5b9","sha512":"e891a5d89a8d3d667f6440c693ff6ac29c08580ec2a0b80f28ab5e6f23e5648764d828e30940df05c93e023b7d08c0c23e82ea6553b437bbc89735e210495851","ssdeep":"24576:SasJZ1fAwLg9izoKgWnKqs7yI6uc13fNWOvw6cUTG3QjQSCjsC:qZ1lLgTKg4sWIZ+pvJTGghad","tlshash":"7f1533d64b0975eb1174f08103915b3f51f64e81f3ea1f7f638279ce0ae1a9a49274b2","first_seen":"2025-10-16T06:50:04.800611Z","last_seen":"2026-03-31T13:56:43.668745Z","times_seen":13,"resource_available":false,"data":null}},"time_used":3015,"timings":{"blocked":819,"dns":0,"connect":0,"send":0,"wait":285,"receive":1344,"ssl":567},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/circle_logo.73f77890.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/circle_logo.73f77890.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-2b2b\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11051,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"73f778902e86c6588f27a5ebf6c05326","sha1":"df28e883182249f3903fe7122fb75e184e6ab55c","sha256":"cfba80a6412c39db685f81bcfab918d5084585547b544760c908b965a405daaf","sha512":"4e65478a95f411929ae140647a93685b0deba15d5a0f26436ea4fb48d2cdeb6cec20ddfb53b524fd35a29818c0d6f578892705bcd3f90849680b253da6f0275c","ssdeep":"192:5Shkn4eRHl9FabfDZ9ZF7SOuw6gVUtUpt+TSwRRHtESr7NXc7pVL1GRMchPwFEt:g6n4eRHl9FaTDNF7SShIUptFw/HGadO6","tlshash":"6932ae28b2927d910585dc8405dc806ac3af9ec5ca41901bfcdec9a3ea52dedcd65acf","first_seen":"2025-04-05T11:33:17.255909Z","last_seen":"2026-03-31T13:56:43.59075Z","times_seen":24,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/live.f92deb02.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/live.f92deb02.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-949\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2377,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 52, 8-bit/color RGBA, non-interlaced","md5":"f92deb0211e187f1924b4b2b5a66804d","sha1":"740e7ecb6e078a5d80192908708e9c22db781019","sha256":"88452fe6d29a890ec54254557d086bfc8bf8821ba504213d78240b0f6d57823f","sha512":"1d8efbcfe7b8beaa1cee8a02a076ffcfa6b8c67a6a80b1b642a2a3ca9775d0a5002b3a17a2c2d9107fe77b7025aceef43c705b73ee0367c086399d9f4199f99f","ssdeep":"","tlshash":"6a413bf3cafdae6881711f74274edb5c877332e355a5c5a6dd27407a50276105011fb8","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.913436Z","times_seen":1761,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/videoBg.4ce7ca87.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/videoBg.4ce7ca87.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-36a0\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13984,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 141 x 166, 8-bit colormap, non-interlaced","md5":"4ce7ca8764d5cfcf5ed1113aa4f69f42","sha1":"44e6751e22647581545d02e6b73649739e3fdadb","sha256":"9132b664f4fcdd8fdf2fd5dc1fc220f8bd2df747c06f9ffc4824beec1ec0fcf1","sha512":"56392760bfecb21c08868426cf86d16f7d7e9080ef8b0b8fd6915eaeec17cf246dc7ddc0aa32a06d18b96ddcabf305b88fde2d2db304d82f721896857ddb51e1","ssdeep":"192:gRgNzz7mz1VF7Zn9Sz+/8o4DT2GfXlz2DKxww/pGz01L8KYm5PfsHk8wnxHgO3f4:eSzzeF7BtYCggz01LTYO+wxH/izsqWe","tlshash":"b852d12c0f1869e88a95b3745bd41cc2d7df15ea328d4c1dc8f6b674494b9e947e4224","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.969036Z","times_seen":1758,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/bb/api/getBaboConfig?t=1774965365407","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/bb/api/getBaboConfig?t=1774965365407 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659405351e00358733ffa2e41ea5059e7edc82836f823f;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]}],"data":{"size":965,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"865639b59fcbe9f08c5eeb186baf1b66","sha1":"94868d683eb0d38e1b93de27afebc2b4994bffa6","sha256":"83de873b809856858acec160c42f8591b8e27ee8eae3d5e5a592917f12065b2e","sha512":"30c32a6ef6716ae9b9dc332924da765a8ba34f8600560c8421a8f7a1c94443f36235f72193475519873f5e2be982e05b8303b6671dcbff37053734c384d0c20b","ssdeep":"","tlshash":"4e11b1a707ec8d256fcdb3e9274df948cd83467f4e8ef285e4605d0c2462ae5238e518","first_seen":"2026-03-31T13:56:42.596145Z","last_seen":"2026-03-31T13:56:42.596145Z","times_seen":1,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/bg6.391702a1.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/bg6.391702a1.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-52e\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 448 x 5, 8-bit/color RGB, non-interlaced","md5":"391702a1280088a40ba6a6252418633f","sha1":"4658a8b35d9b3e2604d6553fd74a4c1140199a4b","sha256":"cec0e8f58b26e0e094ffa707486dff56a59ab6a9edcf151908753e96918827ca","sha512":"59f0db4097a07c5f894a02d8a6e96877f163c8b98104c7fce46ee5fee18544d8a9feea368ffa45824af9ac4c7b822cd240afc79ddc89fe7e97d4a6d113ad5295","ssdeep":"","tlshash":"b421cb99e6025c4157cde95424f5817f5d336cc0ce90e727bd8bc8d328151f98aad4e7","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-05T14:06:21.715305Z","times_seen":607,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"768tup.oss-cn-hongkong.aliyuncs.com/huodongtu/AMHM.png","fqdn":"768tup.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /huodongtu/AMHM.png HTTP/1.1\r\nHost: 768tup.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 228127\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD277F4962B36339B129D\r\nAccept-Ranges: bytes\r\nETag: \"165AE751F9833E70F4F69FA34336BE85\"\r\nLast-Modified: Sat, 25 Oct 2025 10:41:06 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2430102165895964678\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: FlrnUfmDPnD09p+jQza+hQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":228127,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced","md5":"165ae751f9833e70f4f69fa34336be85","sha1":"442bf89e7996eb11bbcfa1cf19a1ce0c66db1f9f","sha256":"266188e9a65483a02cf5daffd387ff6356b0c65652674d0cac30453835efbe6e","sha512":"0ebdbafddb25fe4cb18d6c98e0307184708d023586f67a9682da1ab098f5ec17299e33efd9c1a6b24b0c4c821dc2739d95842f6b6e91df7b5efe8a7482763d38","ssdeep":"6144:DqBgH+UQKCeNvccu9o8JbxyqzMayDbWxWIjiZtjn:2uH+UCeNSnzMzKxfItjn","tlshash":"652423cc97d299fc805ab86e981937358300cafe0cf63510d37c9fa6e6a9111df2e195","first_seen":"2025-10-26T20:02:25.850092Z","last_seen":"2026-03-31T13:56:43.619993Z","times_seen":14,"resource_available":false,"data":null}},"time_used":1817,"timings":{"blocked":-1,"dns":38,"connect":280,"send":0,"wait":289,"receive":643,"ssl":566},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_SSOCHESS.38b855a8.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_SSOCHESS.38b855a8.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-4e4\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"38b855a84ccacac73668f58942653447","sha1":"ffcf9265f20f8177e0d1aa00b3bd21ad5bbaaf89","sha256":"29a5bdc29537df4f1e2c0629c1fd0884cf81fc24021a93c02b19675cf9684b4c","sha512":"9f5f0cc5e8a209a65cadec6c3081bfddf350a7882e303d5e5bfcf7dea028ef034dcd94a14c715c49cd592d79558a5820b7ea5a03c4b54b45a1b3ca833d096d78","ssdeep":"","tlshash":"00213dd4435a4fb5f4c4dd2f10141575e5d806228e365c5fa40f491f3e5d00c28ec7c4","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.735686Z","times_seen":3050,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/dervice/getQqAppId","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/dervice/getQqAppId HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659397242e0034af5a27460be5876460cdc5d218f92a7b;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b962b26b9d2320b710d1acd20aa921f6","sha1":"e56715ca6663a86610ea760f11b499c99b0b2bbc","sha256":"8a8d68134982b626a485ac552cc17186993304877b9145e5b0bac41d21ccd281","sha512":"cdead3b178f7ec6889c7680690437cc7eaf9a45b29149aadd0908da71b8a13a1b7b95a3dbda42e6acdef9ccb218315ac24784e1081fbb602e6df1575b846bb9c","ssdeep":"","tlshash":"93c08c6622c814410c4fc8880e492708709c32ab4ecc2685810a8e016aa5690ca01830","first_seen":"2023-12-20T06:20:30Z","last_seen":"2026-03-31T13:56:43.569301Z","times_seen":36,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/js/main.46f28393.js?1774781116531","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:03.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/js/main.46f28393.js?1774781116531 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c89266-71cad\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 31 Mar 2026 13:57:03 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":466093,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"639de83c608f63e4e0f1525422555200","sha1":"f7fdd817cfb30578b896736d42e08b10fa50349c","sha256":"609817227ffe41be87e49cfddb1bed726f638a5bd4067ae846aba2dcdd7f9689","sha512":"6ad8f5d3c951a17f4ef8306ee71ebe7e6a8167f804d2f0e91d4d1db378957b2f4715cc744fc1b580e00e4b392533fefe8b7e477519a0e2d8d9721394b048cae6","ssdeep":"3072:9F38e5PqusfA774In/jKFhxi00VBYmK7wbEn6TrhaeTpDaDq:IFe00Mmc3nc6q","tlshash":"f5a4e849b141b8ab03f3a17a802f1559f2b52895a54c8c50f368cde7f9f6558a32ff38","first_seen":"2026-03-31T02:30:20.407006Z","last_seen":"2026-03-31T13:56:43.594562Z","times_seen":10,"resource_available":true,"data":null}},"time_used":606,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/index_118.c137e92b.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/index_118.c137e92b.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-927a\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37498,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 100, 8-bit/color RGBA, non-interlaced","md5":"c137e92b0bb1f532ef1988b06d4dcb88","sha1":"8ebfc9e94d9ba9bf90a9e44b8b5e1739cace8fe8","sha256":"47ce991e682ed9fa859ef76cd066d26b1b1f6b023356131b7197029ef49b9c64","sha512":"0ba4e8486b381f1673c7018dbb31bcf84f872879598b749630be77775fa3695456deec3c82ad61c2e2266091c594b969013b96dcd1815c8eb772dd85ce9593a3","ssdeep":"768:M/LhSQO29l4O9ALz3PzYWdQPDwoC2FGHRvKOLPBcWfKOU:M/NSU5yz37ndirCoSCMPB/fvU","tlshash":"44f2f257e83f93d309da5ac4a6f3d0bea62fd08e27b7091421e46522d2d42771f541a3","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.940027Z","times_seen":1800,"resource_available":false,"data":null}},"time_used":416,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":416,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/popsys_title.6896cead.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/popsys_title.6896cead.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-1b55\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6997,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 119 x 31, 8-bit/color RGBA, non-interlaced","md5":"6896cead41fcafcc8440897a93e3afc2","sha1":"df534bdef2ff60f40bca0b36c84facb4a7fb341d","sha256":"af79ae53e19b76e93ed9d89724272ba63023bc846cb7bf88b3e25f2d19c47909","sha512":"29f098dba61a22e051cbe702e50dab62a09ee70676c7a541b5cfca5d2749cc3fa3febd5490a80cec99fbd034715f99fc54b8219b772f615b39bda9a2ce78302c","ssdeep":"192:Vz7wvY9WS/4xvKRuIw1E5PRLWUW11kqw6p:VSYoS/4xauIwO5JUB","tlshash":"08e1ae4075c54920cccd2ca664a9d2e3a38a4cafc5f9d90c3865df9605165ff8f225d9","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-02T04:04:02.198769Z","times_seen":345,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/lunbo/sjbpc.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /lunbo/sjbpc.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 1075495\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2779B1BC93336DB0BEB\r\nAccept-Ranges: bytes\r\nETag: \"944D75CCDDA7B09067662046FAA25836\"\r\nLast-Modified: Wed, 16 Jul 2025 16:48:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4218219342850393694\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: lE11zN2nsJBnZiBG+qJYNg==\r\nx-oss-server-time: 7\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1075495,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 400, 8-bit/color RGBA, non-interlaced","md5":"2425ac930fe2d3c8474bdda5754d1489","sha1":"762c15f84d7680b818aa144f75aba112a68201a8","sha256":"6fb09da088d4b564db9ee5facf1d51265644b4d4482d4cbf632d7fd5831a7dc8","sha512":"e16acddb55e2d1e9e4bc42ed0fb5291fb7c6638af69e07c6ee1e67e36876dd581c4c973cf6bf72696c99f5c6c8cc45028a61edd1eba2965949885144b6ee4009","ssdeep":"24576:mfKD87SAdu0S94tIwWJBxnpfUu8JSf+N211ef:+K47uz4tKJB0r1g14","tlshash":"8e25337d1934d714f4e2f631e81cfe090b02578cb22b3c7708b69aa5a9d0c1aad6d53b","first_seen":"2025-10-16T06:50:04.541986Z","last_seen":"2026-03-31T13:56:43.639607Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2964,"timings":{"blocked":798,"dns":0,"connect":0,"send":0,"wait":284,"receive":1336,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/lunbo/hmpc.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /lunbo/hmpc.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 917491\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2775D886738362B847C\r\nAccept-Ranges: bytes\r\nETag: \"AD6ACB88EA43BC571BAE2C2B1265BF5B\"\r\nLast-Modified: Wed, 16 Jul 2025 16:48:01 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11249522615108566178\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: rWrLiOpDvFcbriwrEmW/Ww==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":917491,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 400, 8-bit/color RGBA, non-interlaced","md5":"ad6acb88ea43bc571bae2c2b1265bf5b","sha1":"5729a751791c1f53e2b1aef05cf604486c38f9ab","sha256":"bf5da03534142216ba159853d75a637fc956bdbef98d111bafab29f572e516bd","sha512":"5e53a6a608f40fa6144a3e170053e1b22982b32b6fbb3e9f1c9587312153441fb10cd49445c1fcc800a55119fdef6b8d9db5142666df4a4027f10f059504fdfd","ssdeep":"24576:Jdz8gfXdPk6h9KjXx4mZ+eN2l4vRylMyaQFcVrBDd158:4eNsWqKmZ+3l45bSSVJL58","tlshash":"a91533caabc7454f00d1c2d8ad47a9c4071c2f40da5d5d8ee43a3986ab9e530987daff","first_seen":"2025-10-16T06:50:04.449902Z","last_seen":"2026-03-31T13:56:43.658833Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2894,"timings":{"blocked":795,"dns":0,"connect":0,"send":0,"wait":283,"receive":1270,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/bg4.c304c7e2.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/bg4.c304c7e2.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-7236\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29238,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 384 x 198, 8-bit colormap, non-interlaced","md5":"c304c7e2c206ae6718404f97fb2d7d83","sha1":"9b7fbe7eca84e5874cde211dd94f0f7690f5dde8","sha256":"84ef4da649b1940061abe399dec13146f9933e5b6cfb78d991806bc05f96887e","sha512":"271018fee721801aa0c0a5e2f15e7e8fa2b12d1265561360cdf9eca4ed900537b1c55d801ebfc980cfd0370c0ac6e7637250a89794134aa1b5a76e431e6afd2f","ssdeep":"768:YpDhLvpx8GgU0xoe/fpLgLPglyz0ROw2s4Uy56jgTti2:YVT1gzxoe/fpsz4m62s4kE02","tlshash":"6ad2f19f4f43d1510b41d8b636390b0c99021a6ac8058b2e9cbb61f2eae8c175dec79e","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:49:03.495435Z","times_seen":2101,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/liveBg.5cd302c2.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/liveBg.5cd302c2.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:07 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-39d0\"\r\nexpires: Tue, 31 Mar 2026 13:57:07 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14800,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 306 x 162, 8-bit colormap, non-interlaced","md5":"5cd302c2fbabd593652e0b996753cf05","sha1":"fefb9a833f04fcd4f955e3d4590f08c5e6aaa523","sha256":"7f6a833091ab61da14a6f879d99ac3a01f054ef4a21e8ad911dddbb1d405b4ea","sha512":"982634139eb091a866312e58df9b47937fcf25254603753401c5e19d807ae8335bd4e8c07da369c3c3c93d601c068bce2a96402a03f1b571e7db8bdbb4194843","ssdeep":"384:iatndd7bCz+Td/e2y9AevLwDLY6uHf5xhkbX3w6c8T:iatnf7EIU2ujwkHhxubwPg","tlshash":"5062c18e94ae496623e7d23382c8ac1515d88445e12993fd1dd2e24294b37d0c72faf9","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.950606Z","times_seen":1759,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/gameNotice/findgameNotice?deviceType=1","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/gameNotice/findgameNotice?deviceType=1 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653657822365e003814b621c85642e213f3cfacc606018b8f;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6343,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"6679e6ef30d8b908358bb8858ed48922","sha1":"80a06912a4646e9f4603e0f190cd9fe10c86850d","sha256":"f376fd7ca16442557ddee8a02acdf894f24f9325a19debdede36f164e07d9ccf","sha512":"3d9d97475b60b2c3427a652392e0ed8e8894f4b8a22c300ccd24da27fd4d9a96eacf9ab1883118a6d877c941c5fa380a6d4383538d8d5b9719ab6e38df20b0ab","ssdeep":"192:IJ0b7b5b7IjxabXbhbabYf/TW3HFiPwuC9Gobg:5IlYf/q3liPwuC9M","tlshash":"bfd1115b43088f39c3a581d9819a784771ddf11f7620cabc9b7bded8ac7b6f11219204","first_seen":"2026-03-31T02:30:20.364472Z","last_seen":"2026-03-31T13:56:43.595517Z","times_seen":10,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/common/loginCheck","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/common/loginCheck HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659423621e0039063eb0eafa5936b2c727de9b1c1bfc0a;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b6c178a501ceb685e2757fa9db54fb69","sha1":"0a33ea88a3874ac81ec3c73b3f51fffbbde1d772","sha256":"b070f7000dd0a05307b583aa31eec95e21922c2fe317aceae7ff0a348038d4fe","sha512":"b3a42bd2626e5aa7b0738261d7f4044f89c5c79ae5199ee705de7b7b50020d44a1a964e17eceb7b5ea63cab79c3eb355fba6fa211c8cd0c756b44293bb16f67b","ssdeep":"","tlshash":"829004015c4d40c31c404d5c01c30134175537470415075000dcd73153550f1d055c1d","first_seen":"2023-04-08T20:40:15Z","last_seen":"2026-04-06T15:33:40.920532Z","times_seen":1404,"resource_available":false,"data":null}},"time_used":759,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":759,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/pic1.d07f9514.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/pic1.d07f9514.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-140f\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5135,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced","md5":"d07f9514294e1339263d5b61d138556f","sha1":"1838fff017f14515f016de0ca1913de3c5d5b844","sha256":"964c71605a10467fdd4d7817fa6b6fdc34a1b916034329c41a0a2950f03be86b","sha512":"7f3f7e380a7c5091aa401eb06e92e29a716743d31ab85b6f4e20008bcceb946c6dd2469149d9b5ea973ea7602f36eafbd18cbc4e45da0942407f7c2ec46148e8","ssdeep":"96:WQSr3xcIRu4e61X2Bhi2TTRFWrqJk40dsTe0OxtAKJTv:WxxrQ4b8risRF+U10dsT/sWK5","tlshash":"7bb18d92ba29d9c8b9ece0417ca5cc338e9308644cf1a4d2d5478213de093f9224fef6","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.91739Z","times_seen":1839,"resource_available":false,"data":null}},"time_used":426,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":426,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/gonggao/365jtyl848x520.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /gonggao/365jtyl848x520.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 496644\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2799B1BC933364816EB\r\nAccept-Ranges: bytes\r\nETag: \"BC7C6B93B72CDF97F266AA341835856A\"\r\nLast-Modified: Sun, 16 Nov 2025 17:01:39 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2603847273889675861\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: vHxrk7cs35fyZqo0GDWFag==\r\nx-oss-server-time: 5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":496644,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 848 x 520, 8-bit/color RGBA, non-interlaced","md5":"bc7c6b93b72cdf97f266aa341835856a","sha1":"509b8456aa0286aab31238e8bbf2a99fd9eb4e29","sha256":"f1402ae24317372d6f4a40824d3d8e5133ad7a4b2f7d5aaa44d2a3eea3c1face","sha512":"5072ac42c0acd40e6e41e934ec822f5bd83dd9e7c1823c87d034fdc7a710aebc04071952cf1a0e79d0670fe2d68105676a8e95d7652ebb141e623d5852b72ff7","ssdeep":"12288:OYBUm9LDPyuJZYu56ehFkuv2J7rntIjeOfGBCY6:Bam9fPyiiugGLe7rtIje5Cb","tlshash":"28b42360228d8f8f116cf1726bd7ca46e06831398652e1ccd45d9e8d060e15dfb6b3f5","first_seen":"2025-10-16T06:50:04.647648Z","last_seen":"2026-03-31T13:56:43.585994Z","times_seen":13,"resource_available":false,"data":null}},"time_used":3221,"timings":{"blocked":2837,"dns":0,"connect":0,"send":0,"wait":279,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/index_13.5ffa0e25.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/index_13.5ffa0e25.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659397242e0034af5a27460be5876460cdc5d218f92a7b; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-e3e\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3646,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 126 x 34, 8-bit/color RGB, non-interlaced","md5":"5ffa0e25cb239bf89ba9b6e0f38badb7","sha1":"724b7547bea92017f24ef40ec937f0ce4882e739","sha256":"452336e2269f845b7da15295580ff0dd996cff151bbcda80730f58851e4168b3","sha512":"7ec7c3f94ce70c509b4101d8ade58bba5f020d313dafae921079a008d569f9b6d680f506bbb2c2ea7cbe185ee0db6269c6d720aa3862de7ce44a0c67e1bb3c9f","ssdeep":"","tlshash":"55713c447e14b9e09cc8d53002f2feab6a752281cad46298bedcd820bb71bec54495e7","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-05T14:06:21.711909Z","times_seen":603,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":355,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/game5.ee55a2b1.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/game5.ee55a2b1.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-7ab1\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31409,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 323 x 218, 8-bit colormap, non-interlaced","md5":"ee55a2b1f98267da2e9f3d61030690b4","sha1":"26d0ea3546621075b7d19766e8288a4aeb5eb998","sha256":"52eb0c7aac3a60a0837fbe933657ac940225b6f1ef27d9e5eb84891c225e52ea","sha512":"92ebca66567f1dfeb2e5a5b1a80b3a5b0a50df321cdb5e3ec152253a530623240eda635b31b2d98789d6a62634c7df0223422d55e0421034ab955e07025b60cd","ssdeep":"768:HBqjxyf0BdLYJp6z4+WY7P2zUCsV1LdrBRuG3u/jLn:HwgfYMf97U3DLkMu77","tlshash":"17e2e19ec2941a64efed1bae7596c09144c360863ef2b020253b5079bd7c6b0bc9c4b3","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.618427Z","times_seen":2628,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":408,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/a15.a86497eb.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/a15.a86497eb.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-7bd\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1981,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced","md5":"a86497eb1c6f3fa7e286eafe5c0e8c44","sha1":"ba95a5887fa5baf565ef12436e2d0be61350c91f","sha256":"2931042b2435abb9574f461a774fdcd51d111880c3685ea70f642be58c0636df","sha512":"cc902d01069cda087b2ac4fb76110d77cd2e628236fdd22aa794f8da92ce34c8d3f5ba828bf423fafdb8eb6f7bf4b58761c55ccb1076d4d43b2ed04e2ef45ed2","ssdeep":"","tlshash":"c941285cba847ca152aced2058e4ac7f1a175840ede0a180be8bc08b5e542faa84d1c3","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T15:33:40.922767Z","times_seen":1346,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/kefuconfig/findProblemList","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/kefuconfig/findProblemList HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659401526e003646ad9fec68929aad71fc30c97053a67a;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":4563,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"9551f23c46137347048c9da72a0dd8b8","sha1":"e1741691328c6861ec43b1a4af1dd8aa05a0f951","sha256":"be59a228e8ca44f445ba43e54862897d23ac6f21be7372fcd5e7901aacb708f6","sha512":"3226648e58c6276de2693681d38c6b0050ca6f72074c811de42f62124cbc493bf9db2e77371deb77d82b0e5890c5b48df2ba6f98ea09618c576bea289c5d7ba0","ssdeep":"96:IvKmftqJzmoIye4oHCnoxjtAobdwsD/Xw/kvU6y9YuztLpb0YGkA0ErjgBM:IvKkqJzNmbxuaNfwU6Pbi3gi","tlshash":"1a915227847cedfec946496795ae7015a61da283e1080fbdae1fee64e5f33363904311","first_seen":"2024-08-19T21:03:24.895983Z","last_seen":"2026-03-31T13:56:43.614534Z","times_seen":16,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/webconfig/queryCustomerServiceByMemberLevel","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/webconfig/queryCustomerServiceByMemberLevel HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659387241e0034222fc88c0c95cbd22f19a01ecfe604a6;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"468a813c1eb17b5cbca9f4a2b2792d26","sha1":"c9bfa4fcc765c15bdb797332d8ba293cb1525b7a","sha256":"7abfae2731deaf90f72544f285dc87241cf2544556afe402185490f8d2a65c94","sha512":"6e564d413f2700902150ee0274680714d9c2d8d035dba3b20f49397b42b695d47447ddfab70114e2831d0973486aba34091d2d2d03678da9804d90e11d5aa36b","ssdeep":"","tlshash":"11800450341554130c44444c4404c7511d3055540d1513f441cdd1117144dd0d407410","first_seen":"2023-04-08T20:40:15Z","last_seen":"2026-04-06T15:33:40.933999Z","times_seen":1186,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":756,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/FW_totop.3ded4fa5.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/FW_totop.3ded4fa5.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-3876\"\r\nexpires: Tue, 31 Mar 2026 13:57:05 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14454,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3ded4fa5c48e4063ba74d62b3b97e1a5","sha1":"c15470deb31a1a12a7d3bac8b6dd008cf091b468","sha256":"d8032fcddbc91269bc9bca7fcd560f2aea98bd009abfd6943d55c43b49480eaa","sha512":"7a3d542fdf225fbbcbf5ab4227496635c8a4929737a98123d28b175bca5dae7fe81e2e76cf3128b2b984fb2ac811551cd6092b3b74e3cef63239552ed377ac7c","ssdeep":"384:WjshWrNAdlqXlHey950JQAs4oFdsA/TMq9FzHwmqpn1fYWH0:SSWxALU0JQr1YgQsV7sn2","tlshash":"4652c0d9643d74d114622dccd13fb0337ce9ed4a2d98dcc7a8bb70e6980650ae37a856","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-02T04:04:02.184061Z","times_seen":335,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":700,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/arro.77f0350d.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/arro.77f0350d.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-45e\"\r\nexpires: Tue, 31 Mar 2026 13:57:05 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1118,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 6, 8-bit/color RGB, non-interlaced","md5":"77f0350d80e88b9a7a1e073e7cec2f43","sha1":"60ecac41dc69eec39fad5b4d3a6c7560ea78a736","sha256":"2ffb48e40be2171aee94ebc4ee87e839f87af841fd0becb6452633a8128407f8","sha512":"8cd44aa87d63820d49979a6f223582fa05424d3f74dc2ae25bd7de56685b9f796f2fe387a59c385cd90500fef67d6bb256f19f5504338b079e16741531530d22","ssdeep":"","tlshash":"c121466df6512841e2c9f76234f5407b5b371880cea4f05abacec0935db91f658288e7","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-05T14:06:21.688713Z","times_seen":592,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":700,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/lunbo/qppc.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /lunbo/qppc.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 923757\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD27722AAFC3035C3A9A1\r\nAccept-Ranges: bytes\r\nETag: \"CDF5B916EABD02F9D7647CD0A18636A1\"\r\nLast-Modified: Wed, 16 Jul 2025 16:48:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8810378331351481984\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: zfW5Fuq9AvnXZHzQoYY2oQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":923757,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 400, 8-bit/color RGBA, non-interlaced","md5":"cdf5b916eabd02f9d7647cd0a18636a1","sha1":"387a024f6e932efdf6d0752d043645b76d82d375","sha256":"92d024abb76f8ac3c0379a42e42001717607a0a5eb50afceb24ae22cef73c7ee","sha512":"9366f1c19a53ab9c06917ff8cfc5d24e5c415ba4de5893d14e0d85b7fdce7bbefd5f75b6772f99272e19e27f6dc7b13f2836b22ce77795c56277f7fffe913c17","ssdeep":"12288:QQ2qSDuVD6yrXoPPwq1lCXO+8zmHtTFQGxJ+yJvHyjuIEY9Qb/3SfVOZoKx:2zuTGPEH8CH5J+yJyjuIEYKbKPKx","tlshash":"2715330947b477528a0f7e5acb8a6a1062ce2e2faf59e2c775c5c0767b5a6c53003ccd","first_seen":"2025-10-16T06:50:04.815161Z","last_seen":"2026-03-31T13:56:43.591259Z","times_seen":13,"resource_available":false,"data":null}},"time_used":3050,"timings":{"blocked":830,"dns":0,"connect":0,"send":0,"wait":297,"receive":1347,"ssl":576},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/FW_server.f815ebef.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/FW_server.f815ebef.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nCookie: acw_tc=ac11000117749653659397242e0034af5a27460be5876460cdc5d218f92a7b; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-40d7\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16599,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"f815ebefd9037ea96dafa78890065150","sha1":"8d6f78464940bfe3714d5651ae70143854138c47","sha256":"c41fd8dd9d9cde2427f48f840e86ee638efb9b32c1cfec36922899a9a439fd78","sha512":"5714869f28164afd16d25d64c55d95f27206866c2455bd7835a86188c1664dbc459534884b93412d19576eeab801e4debdf663d19caf23c2ce1fd731718fe194","ssdeep":"384:0JY41irom5c7IJ30TJaR4iZWoLMnNmfpd:0X7zICTsR4ipLMMxd","tlshash":"da72e02215ac5e31e527fb0111d3fab28ac917090e133a9c8927b1ee11fffa29402b35","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-02T04:04:02.192335Z","times_seen":332,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":402,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"768tup.oss-cn-hongkong.aliyuncs.com/huodongtu/YZJR.png","fqdn":"768tup.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.168","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /huodongtu/YZJR.png HTTP/1.1\r\nHost: 768tup.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 220713\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD2771F8563383412256F\r\nAccept-Ranges: bytes\r\nETag: \"48090F5454E39F0AAA720B2C34DB8207\"\r\nLast-Modified: Sat, 25 Oct 2025 10:41:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6738181241567938288\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SAkPVFTjnwqqcgssNNuCBw==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":220713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced","md5":"48090f5454e39f0aaa720b2c34db8207","sha1":"3347c7066d0c90177b2246eb9277f1399c5f0388","sha256":"26fd312951f3ddc022bdec8d5bec107e373d5a0bb76ae8753d4008cf20f3dcbe","sha512":"01af49bf3ab6f5d4557eb0221d96002bef6bf065cb23e237a8564f71d0e5524f95f66cda5495e306ac0cb6e3c85e671ff158fcd24908d4c330fb692176bb6141","ssdeep":"6144:B++AY1N3Kc2lrfOiRDP10TpLc2+HMcAidxhkdCs:BTA23KHlwcdHK1z","tlshash":"0f2423421a29aece546ba2fc1d7d328d061d42c5b7cef63347cf73b7ce9126824518a9","first_seen":"2025-10-26T20:02:25.869112Z","last_seen":"2026-03-31T13:56:43.586677Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1867,"timings":{"blocked":-1,"dns":35,"connect":284,"send":0,"wait":307,"receive":666,"ssl":574},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/gameBg5.5ff40831.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/gameBg5.5ff40831.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-13526\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 590 x 200, 8-bit/color RGBA, non-interlaced","md5":"5ff40831503057fd7a34d6ac9a81f9d8","sha1":"dfc27195d714ece16f2921fb4d024f8c01c02507","sha256":"aad9309f3a99f9efb384c81edb93630dd802bee8edc124d3bbf963a7c5b6fb3f","sha512":"df7d96ad2b887085db98cecbb176ab58e039ba9706cb038b37602dd15b00772ba2868efc0df3efec3b878ee9c913c2898164b480abf3724c246878a821b9462f","ssdeep":"1536:P2G70WKa1gKtsJGxJbLtPPUkNWkL3FX+rM1+nAmV1fbPPZNZ8t2:eG7LRvtsJG3HNUkNpLwg1Le1fbpgt2","tlshash":"c17302ad73ac4923f4d8d56f987b113feb023db7e5bc57159c8a72601c1d1eb894208a","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.597512Z","times_seen":2285,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":401,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/wheat.9ef498dd.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/wheat.9ef498dd.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-b85\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2949,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 101, 8-bit/color RGBA, non-interlaced","md5":"9ef498dd8465505d9350b876a2bbfbcb","sha1":"750cf2338e9809099ab1712a7d09970e51bb9de0","sha256":"59eea0cf958c82633a36c32d5e2b2d88faa9a8549f3db375df2f2a4e77613d47","sha512":"401f8a02a0b62ab11235c0d58a7ba7275f216689b3997fcdbc4bf02aeb89ab758a41f0ad529a51ce89102a13d781f127d7fab93c2cb01a9cfd9f349d13278c35","ssdeep":"","tlshash":"53515df7c71bd8c40c62a8f495657cd95a2214dc5cc09f36cc5b8d1001f8aa51cd4cf1","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-05T14:06:21.66679Z","times_seen":469,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/gameBg4.a4ad7c62.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/gameBg4.a4ad7c62.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-15ba2\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88994,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 590 x 200, 8-bit/color RGBA, non-interlaced","md5":"a4ad7c6254c3c6a5e70d8b3fd193b70b","sha1":"7ecc0a5bf1b22a92042d01ed3bcd3b48ea90854f","sha256":"fe4958989ad9625c4ea89ded31d56d9ae2f1aaf143096a2d92b6d951fb8df0ef","sha512":"c8fb871fd678f355eef6fea7077938864d83bad6e9259fac72e9aca1b842a39ef9c92ec2dde61e648951ff5129674db2ea1fd2461031d3523e4945586ae7235e","ssdeep":"1536:P1N1v3/g5QI3hBs7t1djtiE/1uVhOU846/BajqdHTxTlJXF8BRfcfD:pv3o5QIy1djsC1u2UAHtfrocL","tlshash":"909302dc9813669510df86b42ed3a4329f19c6202dc816d2a81fa981de91dfbc10fdfe","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.610586Z","times_seen":2291,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/favicon.ico","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:09.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653657836148e0032607236d105e769ad3f83efa728cade09; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:09 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c89266-4203e\"\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270398,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256, 32 bits/pixel","md5":"653b3bd117cebbc214866664d24fcee8","sha1":"eeebdac1508894b4415810ba091ac3e0776d33a4","sha256":"fb1503b9ba199e7d0f22231c9f590128fa7590ecf90c77636cf2bc6b68cd9f35","sha512":"5e421b0c85775b28dd63891b84074baebd30233063c4225d4b1adb3f0205aeaa6a5e34d53cec022f36bf37a3f04b5e1a8ce13c024504917459176db017531f94","ssdeep":"384:gtA0AlRy79d7SySEL/bPoEZFmSNwKpZ4ztvyvgpWOlWRe1kHsCbvB:galk/7SyxL0EjK3QGkNvB","tlshash":"974492d8429c5c4edd442e32f5be6c4112e38cda8da945b37b81bfad3509db3aa70c16","first_seen":"2025-04-05T11:33:17.210097Z","last_seen":"2026-03-31T13:56:43.580761Z","times_seen":24,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/js/vendor.12c75c43.js?1774781116531","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:03.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/js/vendor.12c75c43.js?1774781116531 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c89266-bd215\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 31 Mar 2026 13:57:03 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":774677,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a21dba9b92d9c15a12d20a3a1b38ae09","sha1":"8256701ce2055b8c240df7b8391a16f8010289a8","sha256":"9553b8fa6cf2e91f500bdafd3571b2de7168d518c931b45edc78d9f309d9d034","sha512":"09b80545e6b136495fed95f1eb916119c7818d8e8a23c4ce6fa4569b4384437069c3adaffcb2c1fb344348bf482f5bbf32d8226770471f1d8bc678c5bbe3fa6b","ssdeep":"6144:m3MA4xIRhzVPMHF86h+eDnaMcUY+lo89R36RmKew5vdCq+lSrr8g01FE4:4MC6ni29R3I5vdCq+gKo4","tlshash":"41f4f7c9b692f0a543e760f5402f150bf23aa919740e85a4f251e8e5bcbc89e513bf7c","first_seen":"2026-03-31T02:30:20.369435Z","last_seen":"2026-04-05T07:25:07.19423Z","times_seen":68,"resource_available":true,"data":null}},"time_used":808,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":808,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/webconfig/findByBroadcastConfigList?showSource=1","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/webconfig/findByBroadcastConfigList?showSource=1 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":848,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"8fcafb94f9b1d6528d2ff674058b189d","sha1":"3117ea797f5aa08dbe381888af5bb13bfebeb364","sha256":"d53515c9fad20245d77c10019ff9fba188b2a4eeb570b5a0b95bf67502b4c584","sha512":"b2bd10fb272ed6013c3b164504ee1395f0f8242b1308b1f6bece201a512c385e0dfdfbdbcd3f121a62f293d8e298c5f16e19c703f11a6383ab3891728002ebd5","ssdeep":"","tlshash":"48014c97b18ec4648e9f4dc5c0bb2f09c1ce184f9d01de8984b77e546150afb2106215","first_seen":"2025-10-16T06:50:04.867733Z","last_seen":"2026-03-31T13:56:43.592171Z","times_seen":13,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/adminnotice/findByAdminNoticeList?noticeType=1","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/adminnotice/findByAdminNoticeList?noticeType=1 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653657933633e003d22e3e5fffbe1f9f65c2f544d3671d92c;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":626,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b95cb393a89cf8c2816e052ced8ea536","sha1":"a6b26426ad84ee627f4f1a9e6dce306fbaff858d","sha256":"93801521eb3ae84f2b868694dc5be5ef27f6cedb04814de21dd7ccde45e2d63c","sha512":"8d7261c94f00ec561fc580404d8ef0849ee0534e421b950ef67defa47d24bf05b366f464f7ffcc5b051d6c7bb8636e599dcea0069dc67f58c5395f1798987410","ssdeep":"","tlshash":"d9f002af05acabae9ec1d5c03f5fca2c761c9a6cd11c675c9c99e488b8006b2c54b50c","first_seen":"2024-11-15T12:17:54.566278Z","last_seen":"2026-03-31T13:56:43.624581Z","times_seen":15,"resource_available":false,"data":null}},"time_used":707,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":707,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/black_arrows.c62eabd7.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/black_arrows.c62eabd7.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/static/css/main.1ae703c5.css\r\nCookie: acw_tc=ac11000117749653657831253e0039c544979c351776b21a0bc704b7a6956e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 341\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: \"69c89266-155\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":341,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 16, 8-bit/color RGBA, non-interlaced","md5":"c62eabd7e31f0be5d63713bae6b18c84","sha1":"d38ff788eae867ef12ce5121457ed29595d44710","sha256":"de5f2caef8739bec0d19033ec292872dcdd4156b10cfd1172d93f7e8e0af8e0d","sha512":"20723732f688274f389e00e5b2363eba9eb7a188453688ddc3fd4393847545ecc80bd7fba7f1a2ff88cf4846febf387a5f2eadae63f524664a7ac53e3e4ed9bb","ssdeep":"","tlshash":"22e0c0dd24156a9e9128163b53da40b4cd15157d20c91a995158f233573128895d4138","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.948542Z","times_seen":1344,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"j-raw.imglok412nt.com:9663//test4/20240809/GAMEIMAGE/4/PGDZ/1723182880876.png","fqdn":"j-raw.imglok412nt.com","domain":"imglok412nt.com","tld":"com"},"ip":{"addr":"8.217.174.232","port":9663,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"j-raw.imglok412nt.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Thu, 05 Mar 2026 09:47:21 GMT","end":"Sun, 04 Apr 2027 09:47:20 GMT"},"fingerprint":{"sha1":"54:3C:C5:39:63:AB:4E:16:5B:96:89:15:66:64:73:C2:07:54:D4:CD","sha256":"F7:E7:BB:F2:57:2A:B6:62:1F:F7:AC:7D:56:21:00:0D:C8:BF:4F:6E:48:55:33:46:7D:03:79:B6:08:8B:D0:90"}}},"request":{"raw":"GET //test4/20240809/GAMEIMAGE/4/PGDZ/1723182880876.png HTTP/1.1\r\nHost: j-raw.imglok412nt.com:9663\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 31 Mar 2026 13:56:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 1443303\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD277DB0C183431879688\r\nAccept-Ranges: bytes\r\nETag: \"A3F7E41001D3BCF31F6DA3F8EA0D3A2C\"\r\nLast-Modified: Fri, 09 Aug 2024 05:54:41 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11110496427479416292\r\nx-oss-storage-class: Standard\r\nx-oss-server-side-encryption: AES256\r\nContent-MD5: o/fkEAHTvPMfbaP46g06LA==\r\nx-oss-server-time: 3\r\nExpires: Tue, 07 Apr 2026 13:56:07 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800, no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1443303,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"da000ffe830d8518121182bc68c02cda","sha1":"c0f27b90b40033e5848aa32b8dfabb1dad971ddb","sha256":"0023a7b9b98f915d0244eae74147e7aff9c38fb149d8073e39c9e772b7a86dce","sha512":"d2e10135e667a4052da83d9d47f629ca1764c3ef0fb685db800d9c8dd9c728a258289860cc868bffd6d0cfa079e980b29cb1b957a4e268834e8d8be75da2bb6a","ssdeep":"24576:HG+16uq+iSKd18TSP53qrqNbM0wTy6Og5k:HG46u5iSM18TSPpqrn0wTyAk","tlshash":"002533a0fca1963fe619f8dc0eb529cc7ad085821fb644eb992c0450f0a8ff35e555d9","first_seen":"2025-08-09T00:54:13.972696Z","last_seen":"2026-03-31T13:56:43.622173Z","times_seen":54,"resource_available":false,"data":null}},"time_used":8025,"timings":{"blocked":-1,"dns":66,"connect":528,"send":0,"wait":557,"receive":6318,"ssl":556},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_JDB_DZ_LHJ.e9abc7b6.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_JDB_DZ_LHJ.e9abc7b6.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-45b\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"e9abc7b67fddb2880031bf73645d192f","sha1":"34621c96f88e7f5d5b53ba22bc44333adf1774cf","sha256":"fa7a1bc8f100ae2d85a779f6b063c2d43306250d4306cf70e20c632755fc3d3e","sha512":"4b8ee5ae51d4e30517b5dd6a69d06cddd4363a602d95592c59fdc075b7e75f79398efb4b6eb1d2ae59ca6baba3a58c5155f1a58aca9dc6fb1eba4575d60e9696","ssdeep":"","tlshash":"2721f991c7fc030caeeb45d4ca6485f7a89c52d952f591c420f9e50fedb020af2a1003","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-06T20:15:07.590815Z","times_seen":2826,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/LG_THDZ.6bdd5ad9.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/LG_THDZ.6bdd5ad9.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nCookie: acw_tc=ac11000117749653659396188e00322e5e7678332d38cd96387941e1adddee; baboConfig={%22appId%22:%221c4e832b-623a-4c23-8c77-1fe8fbe90df9%22%2C%22appKey%22:%22VwBiADwAOQBOAGoARwBdADwANABdAGQAQwA4AC4AaABYAGsAXgBAADsAaQBxADkA%22%2C%22videoListUrl%22:%22https://dfty.sporthtcieta.com:8663/#/matchResult%22%2C%22hdDetailUrl%22:%22https://api.3KcQN.com/4nQx2v5/PO5m%22%2C%22dhVideoList%22:%22https://api.ustJ6l.com/Lft1/Aw2HO%22%2C%22isEnable%22:%22Y%22%2C%22courseUrl%22:%22https://dfty.sporthtcieta.com:8663/#/dishTutorial%22%2C%22eachwayUrl%22:%22https://dfty.sporthtcieta.com:8663/#/notice%22%2C%22menuUrl%22:%22https://dfty.sporthtcieta.com:8663/#/sportRules%22%2C%22teamLogoUrl%22:%22https://ai-bmp.cffygajeba05img.com:9663/team_logo%22%2C%22baseUrl%22:%22https://imsportnxtyop.com:8663/sport_api%22%2C%22animationPlayURL%22:%22https://f2VL7GkJCieq.oss-Rza0tZwx0S.aliyuncs.com/f2VL7GkJCieq.json%22%2C%22upayQuota%22:%2250%22%2C%22upayHost%22:%22qm.wpqmqx5yqs.com%22%2C%22upayPort%22:%228553%22%2C%22upayUser%22:%22wpmq%22%2C%22upayPwd%22:%22EDR0H2LI1YOJLrkPYAGvIefG%22%2C%22ipayCustomerUrl%22:%22https://mcTJFEt.fBi3vt.xyz%22%2C%22isIpayMergeChannel%22:%22300%22%2C%22bosuQuota%22:%220%22%2C%22bosuBankQuota%22:%22100%22}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-b11\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2833,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit colormap, non-interlaced","md5":"6bdd5ad9d4099739e01c78f009e84af7","sha1":"337487d219eb37f163526c3240d59657c343d162","sha256":"e464948183a1172d7943b6c0fb0fe72377f9526a3b5dc180a1a7b42784558f94","sha512":"4dbce6231fbbaf0eefc7d0e30e69ddc511326ebab8dd1c8411f77ab70888686c745342ee56cde307f78f868b3f6416f25a18eaef1dfb8383b749bed7acc70bbe","ssdeep":"","tlshash":"e7513c5023988506e38ecc75948d6a30a677b7159de303df3b6e98d61c32d2806d31ee","first_seen":"2023-05-01T09:37:06Z","last_seen":"2026-04-05T07:25:06.930115Z","times_seen":757,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/js/5.2f93cbb3.chunk.js?1774781116531","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/js/5.2f93cbb3.chunk.js?1774781116531 HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c89266-1a3ce\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 31 Mar 2026 13:57:05 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107470,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1afdb233975f343be77426bb8829a5bf","sha1":"e026a836bf827ec9c3e3139093477d9ffae2c0c4","sha256":"c8610e0bde83ebd34201e88c98f07352fc0259aaa83e2141434df5168903c3ae","sha512":"821a91a1ca4f58f610c0ed9242c6971f292206d1fab3fcfcfb3512c9301d230d21d74091006a72c2c204372c88474f11212824c5ac5a2616d896bcfe77e90688","ssdeep":"1536:SAorRQUIkMAwAFNwU1BAUkIDL39yK5hrFem0LTa:SA0AWPwU1BAUkIDL39yK5hrFem0LTa","tlshash":"9fb3749658a0214990330956cbdc4f68973cc75768724cee3366ac8fcb55bed23ae723","first_seen":"2026-03-31T02:30:20.40786Z","last_seen":"2026-04-02T04:04:02.218243Z","times_seen":66,"resource_available":true,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/api/resources/logo","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/api/resources/logo HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653657892367e0038edd4b1afc7cafce93ab96df11c759d87;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":215088,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"82e31f5437f146ab26498283e95918c2","sha1":"3f6099e06046cc78faa5f0761bf5eef9022b102a","sha256":"4cae772fb1b7440d7fd9a5e7e132126ad2a03fff0f851301574d4e9ab4517a2e","sha512":"6f8a90184ed4b2230614dc3d9b78b0e55e1c8a24f46fa55fd0291dfa89165a634d3eee76b99d31631e7ebe98550c8caa853030ef5c1e0e3e22c1d8d1f50777f0","ssdeep":"6144:dF7v6MFthw3j981p+l4RdMmv9e7iNfqKoBp6M3m:rpzhgEusMu9e7ilqtb3m","tlshash":"ce2423972d553f6943b10d8ff42a8d29cad14c626c18ca9c4f3ab8e1d3d4d05393b2b8","first_seen":"2026-03-14T11:24:18.06154Z","last_seen":"2026-04-06T15:33:40.938638Z","times_seen":79,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/api/resources/icon","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/api/resources/icon HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:05 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653657863579e00392267ea57e304768130aaaf5c326c39da;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":237667,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d163f6073b0848dc73c627ae7523ff12","sha1":"aae8ba2d16f6246e046fa3ab4ac094e8164215a7","sha256":"02428aeba99bb2514bd2ba7264844196e354f2c893254de8176f13764c9b56f2","sha512":"f7033878f07fcec72f0ba0d3edbf4cdab1eabdead9c6bc5de12ca24feb0434229154e54581befc8b315d288e794f73b2b5a871a45ff1b4f7ed021d4c85584446","ssdeep":"6144:KKHVPiGbVE1uPFEUmzW+ukgadZpmpbxOMR:VNhxE1XtzXu2dzgNOMR","tlshash":"b33422f3974aac199878111c37e532397926bbf4982c10f085d3d912b8ba77dfea0d61","first_seen":"2026-03-14T11:24:18.090543Z","last_seen":"2026-04-06T15:33:40.959014Z","times_seen":78,"resource_available":false,"data":null}},"time_used":736,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":736,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/member/webconfig/findByRecWebConfig","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:05.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /member/webconfig/findByRecWebConfig HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: undefined\r\ndeviceInfo: {\"mobile\":\"Firefox 134.0\",\"os\":\"Windows 134.0\",\"browser\":\"Firefox\"}\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: acw_tc=ac11000117749653659395579e0035a96984381dd3c4c1dea9f86719018ba0;path=/;HttpOnly;Max-Age=1800\r\nvary: Accept-Encoding\r\nx-application-context: application:redisson-cluster:8888\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":2069,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"869182d342b15fc8ad2012e7a76429d1","sha1":"46ed748cab3f07524a36c2d1781c7e3ff9f56328","sha256":"93517c0c76c1349becffdd1af338abbc3005ce460ad4d12004957bc0a6154e75","sha512":"43e4a604661eee320e83d1a3ef890c367becc9bdefdb8080547f93b9c1a897c89d270808674b636fbbb1aab68f06779da37cf6f8f3ab3aa24024660bebbd34b0","ssdeep":"","tlshash":"4241efff13cc512f834a03ed2ccf987c99964a97544608afd44619aac2dd9b2220eb90","first_seen":"2026-03-31T13:56:42.583972Z","last_seen":"2026-03-31T13:56:43.582015Z","times_seen":2,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":756,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/index_124.5df98b0d.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/index_124.5df98b0d.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-9251\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37457,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 100, 8-bit/color RGBA, non-interlaced","md5":"5df98b0d240d265dfca61441de6f8671","sha1":"ae62dcbb5a41bf3a23f9ba5bc96a55259220311b","sha256":"247dad65d1c071c7be01d9a6c7ff30305fa7a8e0c1752472f07a4327db2a35a0","sha512":"426efdd810c94f707376539bfa05c52ecc31e35d36ad8442d4414045e2b5415cc4cf35130842562f52fbd52707d00382ea04a582f60253eaf93b193637c550c8","ssdeep":"768:MtEVyxKMz+/B9FGMpKKFBozw8gQ0zXTJ3A0PdKvIvizbPg/jcU:MCVpMz+Z95K2BozxgQOTJ4zbwj/","tlshash":"fbf2e1e7aeac0d08854c31089cdb91da8186fdc4d023e66fb812c9e775e6d7763426ce","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.940612Z","times_seen":1797,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kg365p.com/static/media/index_122.a31a8c20.png","fqdn":"kg365p.com","domain":"kg365p.com","tld":"com"},"ip":{"addr":"20.2.172.20","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kg365p.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 02:10:34 GMT","end":"Thu, 11 Jun 2026 02:10:33 GMT"},"fingerprint":{"sha1":"FF:78:20:20:65:03:2D:A4:36:87:B3:9F:8B:27:F7:6B:7A:E4:4C:3C","sha256":"1D:DB:CA:7E:E7:0E:AF:53:F5:74:B0:EB:C2:D9:98:32:47:99:90:88:C0:DD:9F:B5:CA:BB:F6:52:7C:D8:1F:6E"}}},"request":{"raw":"GET /static/media/index_122.a31a8c20.png HTTP/1.1\r\nHost: kg365p.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 31 Mar 2026 13:56:06 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\nlast-modified: Sun, 29 Mar 2026 02:45:58 GMT\r\netag: W/\"69c89266-a14b\"\r\nexpires: Tue, 31 Mar 2026 13:57:06 GMT\r\ncache-control: max-age=60\r\nx-cache: MISS\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41291,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 100, 8-bit/color RGBA, non-interlaced","md5":"a31a8c201c157f356e881b396f55c447","sha1":"365fd3776a08265797ab76fcc8dccd7f6042b805","sha256":"8caed534998f41b9940f5cb1f6cadca915f215985470c383b421dd84a17e9c28","sha512":"5d912840a9c587b0f8a1210f3d92421b486966924a8f3e8358a23c889c19e3e39e3ec256e75ea10535677610c5fe005c192e47c0489ff9d8f4f368944b183077","ssdeep":"768:MA7IjRJWgZo7YV92z/d32L8jn5mbfvjOCiYPNHxqdPCWbB8VoOW0muktu96kR4QF:MA7I1JWgZNkz/kL05mHWkNH+PCWbB88k","tlshash":"b20302188e017dca13f35ddd11d1d237356237918db9e30119b989e71e2aeeb4d38a38","first_seen":"2023-05-01T09:37:05Z","last_seen":"2026-04-06T15:33:40.955892Z","times_seen":1794,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":413,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"kg365p.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"kg365p.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365huodongtu.oss-cn-hongkong.aliyuncs.com/gonggao/yingxinPC.png","fqdn":"365huodongtu.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.65.228","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kg365p.com/","date":"2026-03-31T13:56:06.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /gonggao/yingxinPC.png HTTP/1.1\r\nHost: 365huodongtu.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kg365p.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 31 Mar 2026 13:56:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 481628\r\nConnection: keep-alive\r\nx-oss-request-id: 69CBD27855EA06333955E06D\r\nAccept-Ranges: bytes\r\nETag: \"297F996081D11BE93A07F1D2E9A6D0A1\"\r\nLast-Modified: Sun, 16 Nov 2025 15:23:35 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5147549664491057753\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: KX+ZYIHRG+k6B/HS6abQoQ==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":481628,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 848 x 520, 8-bit/color RGBA, non-interlaced","md5":"297f996081d11be93a07f1d2e9a6d0a1","sha1":"032e41ea012e634ff4a8a2eac4159d16f3b37521","sha256":"80c8d3480b2d5f5cb017b6b1aa03c42b5b28785b3609103a88f159910241d1b2","sha512":"28a9408ddcec0265f3f5db168f7bb61aa1438677a5d457c285d91aa86045e9e404add531a02090f6e7afa4dfa0b571e87942bd504e35ea7e8a887ddd48f3427f","ssdeep":"12288:qReWV8NPQyEf0iUX1hywMu0sZLcwcerACkTkpkD2iQDQ:q8dNPQy8dUlpF0e8QERQDQ","tlshash":"dca423c611d789fe9d71f66912aa60ea0d9e0dd68fef03814839def94119bf4c4c2b21","first_seen":"2025-12-20T15:15:27.565891Z","last_seen":"2026-03-31T13:56:43.657037Z","times_seen":11,"resource_available":false,"data":null}},"time_used":2943,"timings":{"blocked":2511,"dns":0,"connect":0,"send":0,"wait":289,"receive":143,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}