{"report_id":"5b6229eb-b646-4b56-b0b2-21823690ca0d","version":6,"status":"done","tags":[],"date":"2026-04-09T02:31:36Z","url":{"schema":"http","addr":"wkhyi2tdqzxha8.com","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"104.21.80.205","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/#/","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"title":"Home","dom":{"size":69787,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (30456)","md5":"96a444144cb57c56f6c756f4b794a87d","sha1":"ecb911e95026b2e8f5eeba115748a92e86846a27","sha256":"fd673327394e353401b237924abaad8ed97622a3eddcdad31ecefb6f30813c9e","sha512":"a32332e2feb143128054ff45c14dee20aa0bac347afa09758b0cdaf4d2d6321651bed181aa56979ffce0a8fea9600169916060d75fea68b00de02cd1eeba93bf","ssdeep":"768:e3TeIRHURimiZXwN8ZW4NrNsHxvEU9e+EzYlMQt/AyYRJirrxRco/7:eFRHYimixwUNriHxsU9rrrxRco/7","tlshash":"cd633030f48a28b6bd77c4c6b668ae0d3686fb37c0541954f76b1b680feb8e02c55794","dom_hash":"domhash2e36d994468ec1ae40d577d63add1ec6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wkhyi2tdqzxha8.com","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"104.21.80.205","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-14T02:31:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"ws.wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"api.wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ws.wkhyi2tdqzxha8.com","ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-23","domain_rank":0,"first_seen":"2026-04-09T02:31:13.707313Z","last_seen":"2026-04-09T02:31:13.707313Z","alert_count":1,"request_count":1,"received_data":983,"sent_data":562,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api.wkhyi2tdqzxha8.com","ip":{"addr":"104.21.80.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-23","domain_rank":0,"first_seen":"2026-04-09T02:31:13.706145Z","last_seen":"2026-04-09T02:31:13.706145Z","alert_count":4,"request_count":4,"received_data":16304,"sent_data":2238,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"124.222.174.117","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-04-08T22:12:50.414611Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"wkhyi2tdqzxha8.com","ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-23","domain_rank":0,"first_seen":"2026-04-09T02:31:13.708532Z","last_seen":"2026-04-09T02:31:13.708532Z","alert_count":22,"request_count":22,"received_data":3880236,"sent_data":10320,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/index.1c197ac4.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"29a32b8394dca0abe4ac09370e705591","sha1":"6539c7b2c31b9eb83d977aab8125e8db3d806d6e","sha256":"9a10c6337a8bc1837cd3a7c838ce38c8f36ad8f6a093a6b1188fa36791f2ffaa","sha512":"fcf54ce2095f677070b46da54821337782617dcf403cd55db670cd1192d2d1e52287758f354866baeb8d9a0c266f7d3d730c16399a21ef746988f4d4229db877","ssdeep":"6144:7n6Qcd4AexV5/xeyuyYtyi8OQ9MUjPxeJsMddcHFophRKF96NHZ7s:NAexV5/xeyuyYtyi8OQ9MUjxe52","tlshash":"f244f85a344aaebf87a62285285fbf0631f61ce32884d4d743cc6f415fe92499723b71","size":254038,"data":"","first_seen":"2026-04-09T02:31:19.206116Z","last_seen":"2026-04-09T02:31:42.231514Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/chunk-vendors.c82102a0.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"43cd703d4df3107b05d0ad11f48e33a6","sha1":"14061531deb35faf2b912c3e57fbaabf8bb27222","sha256":"582515fe1eb0624875f240d55d402b8ffc100f9fd1732c7091f0b831355774ba","sha512":"9e2c5851cc40b159fba9f673129ca01fac04248f6b73bd4ad3218622b074ddd3c99016fdfe5fecec91ef8c00f4954e108f176b230f956d20927792d15b77bd60","ssdeep":"12288:4weo/xCgFxkOIzPtamsz0tynwIO5t63tYm4sE3VFxqDZ/rE5f97:vHkO6Pti0tPIStqqJVFxqDZjE5F7","tlshash":"01a51bc876d1b0a583a365a5402f500be33ead686c4c4454f767e8e36cb9a8d5237f3e","size":2257149,"data":"","first_seen":"2026-04-09T02:31:19.207302Z","last_seen":"2026-04-09T02:31:42.232628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/pages-ai-transaction~pages-index-bibi~pages-index-bibiDetail~pages-index-contractOrder~pages-index-h~3e7c297f.d8ab442d.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2fa987667091c8edc1850abd0ce0d9cf","sha1":"50069618dd3ad1584626756aed69de924df1be67","sha256":"c1078397c8cc8fb4158a79f76dbb9a98c36557fcf8826fe76f2481d03a7ba634","sha512":"4281ffa0243fa7f54e9d449856bce763725da764d4adc59920c8ff5232a2fa7a1ec19ce7b050b9169707a43b6130a2534d62d44ca834d37698f5c1989c9c0cfb","ssdeep":"384:FRRCXCdSCjJu+pmoUI3BV6W0DRYYxU1AlHGbO0GTk:1CX61uEmDI+WKRLxU1AlHGbQo","tlshash":"1672d98cf4c2f446059360b2c13f4209117a6d987517a55c7bfaeaf20ea9a8d2363f7c","size":16941,"data":"","first_seen":"2026-04-09T02:31:19.188071Z","last_seen":"2026-04-09T02:31:42.216064Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/pages-ai-grade~pages-ai-pastearning~pages-ai-product~pages-ai-quantization~pages-ai-transaction~page~9a27baf4.3e631338.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"66d5b041ca33352cda1653ebc5196c41","sha1":"c61c36d08586e1fd70bedbc21582574c366ecc9c","sha256":"d2bd917eead3b6253aa9e236b538abb7153b84c2098489273e704eb937fcc31a","sha512":"b8a21146a4be3dee144586a083220a0da66d46c05d672721c3e2649c95d425b6c98a92a9b6bd775d90c78914f0aaa2228f6060e3da6954e94bbf885686fc4a07","ssdeep":"384:MyQQVHa3OXLE43iThxxqxA8u7C1iuiu3JD:MGJRZEq","tlshash":"55b2bb92e45c08e4bffbe40f935e721f6a447fa5c0a098649dbb818e09ddb7115b4b2c","size":24225,"data":"","first_seen":"2026-04-09T02:31:19.191297Z","last_seen":"2026-04-09T02:31:42.224371Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/pages-index-index.479ff7ca.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"816cd6483eeefa060ec548ff2104f027","sha1":"a226eca55db4064bd4a198bbc3dc6b4b16194ed9","sha256":"e17cec86ca04383d3979fa63f2d48ca94a103191f3fe1015597f4925515436b0","sha512":"0db8cd83e12e9dfb95e09be42308670c04236a01aae37942087a3be976cd9003bff0cf65660dab9bd9ff20f185f299aba08aa15757b343af2bd11ee0973c3ceb","ssdeep":"12288:uYXIDBWOfwF/H9OJnbeGQpGDeJlJQW+oEssMm00vZx4Q6JalPDJL8RiR695lovN:u8+gOJnGccJtybMm3WolPDJL8RQ695UN","tlshash":"0135199cb654b03543a770b4056f090f9336690db50b85a8fb69e4ea6cbd44e323bf78","size":1085731,"data":"","first_seen":"2026-04-09T02:31:19.208282Z","last_seen":"2026-04-09T02:31:42.233911Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1b17c22ebce0d3513e2066b34994b370","sha1":"654276b80e1693f6af1bda17c896ec120431cf5d","sha256":"422e25890aa37cbe958a672622cdf00b6d804a39478d2aaedf99edd0ddf366c6","sha512":"af32a06e9cf784426649531239e48f731a74d06fa9a2857d98926029d2715716f08c284c9fcff3db187c48dc9e00e6b715a3f2b82f9cf87e453431d3d9d4c526","ssdeep":"","tlshash":"29c08cb836201430074bb21c713ce3883db300023003350bb41c028d0ff0ec44231ea8","size":180,"data":"","first_seen":"2023-03-08T02:37:39Z","last_seen":"2026-04-09T02:31:42.234584Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/images/homepage/13.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/images/homepage/13.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-19d2\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ywEhgvyfPjErrfWez5HQF2gYYkmoB%2Br9VvAoRFgeeekg90UaKT19%2B5HNkDpreTXNo4i847wCdZcKlD0XUrajodCaSVxYZ16lumK2Blv5gxv2WNONRYFCvbjDtIFCLUq5tIYcKV8%3D\"}]}\r\ncf-ray: 9e96182a7fd876ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6610,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"553834d62a212aa0a4d4d315a5260cf7","sha1":"08e0556f80c164e95ce30fa8fc6cb230db9d459b","sha256":"39b07be3a59bc770ceedd164e61d762e653467b36763352bc6fd40c8a599e5c1","sha512":"bd911fe7a3f9a97b6e9b469ffdd6a446941f15c2b372a6e2eddf61076abe659ae09d8f0ad41301d09ccd0fd04ea2ade042f382dbb0aab4b5194ac7480b4612f8","ssdeep":"96:dSK2CcM7Wi3KV/aaAV2f5Wa55uw3K6rGfwNbM67YMrR2ldIM0FrF54NvYuFI06XY:QxyKL7Ua5zrBM6lnp54pB5v","tlshash":"81d1afc3fed0e812ebc81e088c57405a8af70bb19398f975e8e8d98454716fd55582ef","first_seen":"2023-05-26T11:52:40Z","last_seen":"2026-04-09T02:31:42.196294Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/tabBarIco/icon-tab-1.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/tabBarIco/icon-tab-1.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-1ea5\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a8ZouB7XBg9GBjGztqGLCht1IOC5sSOKYNjO92YDowqIH%2B5jzLS4LK%2FI7LDYhW4oLuVmO9Ne9COQJy188UqzfynNlkHXQz7hpxpuTxrMJ0Egv72cqoWQaJee5p%2B%2FArpNc3u%2FFbQ%3D\"}]}\r\ncf-ray: 9e96182a9fdf76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7845,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"b9d2018edda9e46778b69c846d899572","sha1":"cf3a5639b3b3ce6eb4469a0857aa0507dec0599c","sha256":"6ad6531bfdf19249a3fe28e78ae8324d48266fd71557e59c186d490e3fcdc403","sha512":"e34207af007975c4b6c25d7e826d15be451d95fc850fb928dab92f5ca83973e685e2ab522befdf9ba56d04139d6dc2581048e1bdaa11748ee8fb952e9d927553","ssdeep":"192:pjED3l+WzJQjC30bL//cNVkw7qpm7oEACZQmFLlEG:pE1+qJQNTUDkw7EvEAC2mrh","tlshash":"74f19fc49ad89743af1dab23353feb33bcad6c5471daa7f61b8c2d0d499c256950020a","first_seen":"2025-10-22T11:32:11.260279Z","last_seen":"2026-04-09T02:31:42.197031Z","times_seen":12,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/assets/uniicons.2579c7da.ttf","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /assets/uniicons.2579c7da.ttf HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 35824\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\npriority: u=4,i=?0\r\netag: \"68b560e8-8bf0\"\r\naccept-ranges: bytes\r\nage: 21\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f9SeKvlbb%2F0ExMXpdQp8chMZ3a6BMMdyn2QNokP0%2FQeUmK6Eq3RFWx%2Fq%2BPzUQfD3Hf%2FysMI0dEf8l5NKcqX4%2F6397yK0adogmnYqScLaPMsydpNm1MKyhQdzaMyNmuDxIH47kjo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e96182b0ffb76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35824,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"GSUB\", 18 names, Macintosh, Created by iconfontuniiconsRegularuniiconsuniiconsVersion 1.0uniiconsGenerated by svg2ttf from F","md5":"2579c7da7e5cb4418f36e17c71125128","sha1":"de4aad75292f9386525b52ae801f9b2252ea07c4","sha256":"32e978a546182be7be788ebf4dbce57b8cc8b6f4d9da0c9d3a46a5e030bc1efc","sha512":"690b27e2d6c53eb6bff5ffba83b69cd03496c78c546aa79705639ea4526f89f85a1fb4ca0b7352d8c8a9428c07f14d5f61cbdc8c2c45156ee815095fd0504181","ssdeep":"768:NjUnym6cVBqac6riFK/d8PWenmP7p7+A9cbWL2eRGXSOu:ZUnym6mqB6WsdenmP97dqb4lSu","tlshash":"dff28d65176d4e6ada7e4abb188761130f7dff3060b2ea15ee8ebc4e84080f005d4b1e","first_seen":"2024-06-29T16:50:30Z","last_seen":"2026-04-09T02:31:42.207517Z","times_seen":488,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-09T02:31:12.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 09 Apr 2026 02:31:13 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 23 Mar 2026 23:39:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EsLfKMJsxJHoxO1G%2FHc3o53BBvAlQMwY9DPMOKGYJMQj9B0Jr2%2BITjSstd19N5XW1OOZbVFPKpnXgbLceqDRy0%2FYB2MVoLXg8j8817ZC230XJ7qCT1P0ovcPNWe8lFT6gwOmu%2BQ%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e96182249b456b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":793,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (381)","md5":"010cda3bd49123633d926f98f19e7d52","sha1":"e88691d48e6ca44a5f0739988ce862a6073d4d33","sha256":"4582b08a8767343a306518faf1db95c6b4d0051fce0e8aca6e2eb04e6d247c02","sha512":"663e9ff9cf35449f4f3fa3aeb5119725e37bb60bcc9a4b3531a67482d1a2e807e938ed273d14fe61f6ee3f99a943d05b8d32d80600565eb79ce37974e3eb1bb5","ssdeep":"","tlshash":"4901bde22c14e42a0b20965574b9f72c98eb8aa47912d840b89c09ac4fe4fcc5e7a859","first_seen":"2026-04-09T02:31:19.198917Z","last_seen":"2026-04-09T02:31:42.210493Z","times_seen":2,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":17,"dns":1,"connect":1,"send":0,"wait":212,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/index.ed4a2d2b.css","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:13.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/index.ed4a2d2b.css HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 23 Mar 2026 23:19:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69c1ca98-1794e\"\r\nexpires: Thu, 09 Apr 2026 14:30:49 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 24\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zPjv5Amb%2FXTJI%2B7RvSN0FhDrbZoDyxUm7VlCaNeXt76q00224w7We4n3F06Kq4zW9dq%2BIgCtq0Lp9wqtj6suv50xZnz2PNDALVuYBIGFuFoeJY0YisZUyITwni7FcaMMDwBmXF0%3D\"}]}\r\ncf-ray: 9e961824bfaf76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96590,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d2c05a28c7f2113821d909b7b5b918a3","sha1":"ccac94311f6ac6f580b64f47f7705318f1d226a3","sha256":"695bdbeea38a126c139158967cdd4f3a435e9936b9dff5b002e5f20a10fc7907","sha512":"3b96fbd1a89be8ae0b7479705cd4a2958ffe7f2f3f57ec23f407ad51ed8b447b9960728d77502e8fd8b2b19bf0971682030117559df250ea11c9bc1802364c3c","ssdeep":"1536:qlIApuK7hmVmb2RS1Wu3xdynGJ7eh/nrhlvbc:hApuK7hmVrS1Wu3iG41nrPI","tlshash":"4493f73719012e39e52bcd26b6c1ab5a1e61c033e15307adfba47628cbcf9c9167b345","first_seen":"2025-10-16T12:28:28.877032Z","last_seen":"2026-04-09T02:31:42.211439Z","times_seen":940,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/images/homepage/m1.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/images/homepage/m1.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-192e\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uH9if9hFbV4iSZw05CgKjloCAKIYiVxoprczkUYgUi8NaeVgmMi3CA381gUFHKghDrvOIwPI%2FP4PtlOtqRypjMel2y0LWMbIFb6e1b1dJtynx4eM8oNcSXU2o%2BgL5V1Ttc8cFBo%3D\"}]}\r\ncf-ray: 9e96182a7fdb76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 105 x 106, 8-bit/color RGBA, non-interlaced","md5":"000ecc297124baf79f3cfb434ba16ecf","sha1":"4bedecb576642919c7aa9712749f5a2860274549","sha256":"2d6d222a478192e47b37f987cbeb5cd551ba084048ff9d4f9c5456b8f935d361","sha512":"2d71101b985f16cba06ed417b5b96de474e78caca49b9973e52a76c6eef83f3704aac0dda89c3b149fdd91c844d04bb18942d5c15f920100383b7a60bd13903e","ssdeep":"192:ImoAqEd+E2Hax9zZoYb3wgV+Nyw5JofXYOFA:sAf+E2qdL80+NzDog3","tlshash":"9fd1a08a36f8e942226545d19e470f5cdb66060bce7937717e842d1ea2042ddb2d331a","first_seen":"2023-10-05T05:45:51Z","last_seen":"2026-04-09T02:31:42.21195Z","times_seen":13,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/images/homepage/m4.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/images/homepage/m4.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-1070\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zUT3YBs9uuZxCle3GFOrvYI%2BRNLvGoOLm9LyISj3emjb8aay1hdsHrtBFAM4LzoHyAgRo1gRaXULpvRFN2dDJf63Ke4Ff4J%2B2RRxDHRG2pl7i39fK%2B2ycfNMVwiTNC3USkCFa6g%3D\"}]}\r\ncf-ray: 9e96182a8fdd76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4208,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"0cc1b9eb63f9839f785920b6bebfcad6","sha1":"2c11e37ff7ff6dd60a16d4a1149d11ebeae824cf","sha256":"9718446a42f60be88f29bf467a3f6d1c1b29044b713052204e46ff17af8fd60b","sha512":"2784f31be775765dbc8e0b0db40d810e380c7e47649455ee7d1fad2c70dd24828a6a45e7775f4675e9454973c1e2f62f09757c23d0c35555dbc10321c5b106fe","ssdeep":"96:A4zvIB+jVI4tj+iLtLc8fT2R5wbcw5O7IpNzFUJAgM08zan:A4kB+vh+ktLc8L+WbI7I7zFUC09n","tlshash":"9e916c9ea72a7305c7ae38319b06af13d5287655da1d31b40cf0ca07e4b26d7dc4226b","first_seen":"2024-08-20T06:34:53.399265Z","last_seen":"2026-04-09T02:31:42.212519Z","times_seen":16,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/tabBarIco/icon-tab-44.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/tabBarIco/icon-tab-44.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-1ba3\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a%2FnwNKvftsH%2ByK00Q4gTaoTgXNzGxWgL9lz7Z4jbLrgDqxSFWMBGYMSRzqolVF1hP7pKkXcrlyFGLs%2B4LB8dd2XxtSSAEEeLj22cIDq%2BlCiAAxoTaTaMmxnuL9H2LP752Hd1Nd0%3D\"}]}\r\ncf-ray: 9e96182aaff076ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7075,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"eebee7c6679e4476cb493dc44a7fb2cd","sha1":"a46f5c53d487dc84a73a1239630634ac9c5dbcb8","sha256":"930e091a0c737ad4e3c46afca779188bee544dbbee34ae0695b6ee557c3512f6","sha512":"1a345dd3d4f5a11f60a61da807888d55e8c6ffecf4468a5d01bdf02dfaff2718e4289884a805d7c8a7dfe45ce9f119d40fb467ff153154f7e87da2b649c2656e","ssdeep":"192:VScWOzl24M6miBQ6bq9MqgCdg0dIRbsf2QI03xxNMoGRKn6RYK1:MGzIgOo4FVdgRRzF037NMC6N1","tlshash":"50e18e64e03d50abd390b0224c5de4adda5b2fa1a78dc050ce858d5a461e5245f77f3a","first_seen":"2025-11-17T06:50:36.519797Z","last_seen":"2026-04-09T02:31:42.213095Z","times_seen":11,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/pages-index-index.479ff7ca.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:13.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/js/pages-index-index.479ff7ca.js HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 23 Mar 2026 23:19:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69c1ca98-109143\"\r\nexpires: Thu, 09 Apr 2026 14:30:51 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 22\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sCNm7TEOwJGfdmsiSqTY%2F7SygXgEZV7Y5lIR1ejS13fGXdkJiq9IsCsoKuiFm2iPTbmXFNweFn3LAqWelkfiTweYOahkC%2FQfsaTpPHJk%2BFuhS0zyw%2FyVDyrwmKhbzW%2BQjzb9q3M%3D\"}]}\r\ncf-ray: 9e9618282fca76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1085763,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52872)","md5":"3618c3fad13a297a5928c575ee978da7","sha1":"53c41ad0fb0fa1f477022732ff09dc006cf228a4","sha256":"563e139131793deea1de8431630728c4cb1a5b521488e83e6d0a9ff4b99f63f2","sha512":"4bb0bbfc951922e5a3fdbd37532858588bdb0690cfc2ae5ad404736f15f6589571d7797ab68f2e26e32e86ff2fef15103b09303213e03885bea68e36e46c1f97","ssdeep":"12288:uYXIDBWOfwF/H9OJnbeGQpGDeJlJQW+oEssMm00vZx4Q6JalPDJL8RiR695loD:u8+gOJnGccJtybMm3WolPDJL8RQ695w","tlshash":"21251998b654703543a771b4016f090fa336690db50b85a8fb69e4ea6cbd44f323bf78","first_seen":"2026-04-09T02:31:19.192415Z","last_seen":"2026-04-09T02:31:42.213658Z","times_seen":2,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/images/login.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:13.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/images/login.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:13 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iWMSEEno%2FY8mCLuFFtBU2J134uglUofKVHh3ucLq6h127rsk6zgn260uDvZLAxM%2BJbXxt3naiYtOJhnEfcRV8LxJoB2nCM5MZ%2BpJGfzn4h24pG%2BreXuoxX2Tu2Te9JPr8uXAaZ0%3D\"}]}\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\nage: 22\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e9618286fce76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-04-09T06:40:14.365357Z","times_seen":247726,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/chunk-vendors.c82102a0.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:13.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/js/chunk-vendors.c82102a0.js HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 23 Mar 2026 23:19:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69c1ca98-2270fd\"\r\nexpires: Thu, 09 Apr 2026 14:30:49 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 24\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7d8RL1kDy6Kl9uTQdocgR364B5FyfhKDFCqeiyUhQ01f6bTz6TWNPTRjsQnZGmkZSdECBjNKKsXmjNHou6%2ByN3chkuFdUEB7MfdemDYmTgtB8rhBnFO3eLe5vhMmmMsBEqfbGic%3D\"}]}\r\ncf-ray: 9e961824bfb076ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2257149,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (34509)","md5":"72c2183da8b10149be435373f617e046","sha1":"84ef7211e60d36980f8a38dc539457c284c167cd","sha256":"581f80bd019c0bae3806f575b1f08c52b7f99b5cb4b34bddb46eb61f77065107","sha512":"d89877d759fb60e4cf6ef174655be27d0c6a01fd1292598fc71349f0360eabb64f6fd1909e50890e70eda13600269727ccc3464964d6a3636c66b33e8394a600","ssdeep":"6144:epXgeG9lAcqECgFtgla/kkYchsFzMgtCNvmsz0ikyO4wI9+V:4weo/xCgFxkOIzPtamsz0tynwIQ","tlshash":"7425e9d47291b065c2a21e95402fd00ae33efd687c4c5169bb67ecf72cb4a59412bf3a","first_seen":"2026-04-09T02:31:19.199933Z","last_seen":"2026-04-09T02:31:42.214685Z","times_seen":2,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/index.1c197ac4.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:13.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/js/index.1c197ac4.js HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 23 Mar 2026 23:30:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69c1cd03-3e056\"\r\nexpires: Thu, 09 Apr 2026 14:30:49 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 24\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=82R5b3u05ox%2FVshDNZsc1JhvOFTx4nMkTez0ERxTzGmpkj%2FeJInizRnQlUFj4sav5IZwZ35htPxx34aGl4UrjUI%2BVo8ZU43K3j4vqzAsH0RbtJwheHPw2P97uWp18URJbu9Ytmc%3D\"}]}\r\ncf-ray: 9e961824bfb176ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":254038,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (58584), with no line terminators","md5":"8f2e88aa18ce5b5f37d899374228f2b8","sha1":"7c938848f024d89c878f973fdc2dff939989012f","sha256":"dafa664e5fa56585ef0549584a896f25a71921bc599cfdb58550a0e2d784ac25","sha512":"9c34aed48a0d537c5a7f07bfbb41e09aef348e5384034e52707f99c26e040bafd70104360f927edd8bf64385596650b9135d8a85c210fab111ac79a67de1465d","ssdeep":"6144:7n6Qcd4AexV5/xeyuyYtyi8OQ9MUjPxeJsMddcHFophRKF96NHg8258E:NAexV5/xeyuyYtyi8OQ9MUjxe57E","tlshash":"cb44f79a344aefbb87d52285285ebf0530f91ce32488d4d7438cef816fa92595623b71","first_seen":"2026-04-09T02:31:42.21524Z","last_seen":"2026-04-09T02:31:42.21524Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/pages-ai-transaction~pages-index-bibi~pages-index-bibiDetail~pages-index-contractOrder~pages-index-h~3e7c297f.d8ab442d.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:13.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/js/pages-ai-transaction~pages-index-bibi~pages-index-bibiDetail~pages-index-contractOrder~pages-index-h~3e7c297f.d8ab442d.js HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 23 Mar 2026 23:19:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69c1ca98-422d\"\r\nexpires: Thu, 09 Apr 2026 14:30:51 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 22\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Sr0OQv%2BbetZOIXxrIGWNL6yiofw1FCtiI2xnTjKa1pawzElb4c0f1LqqpvB8AWZ8UpuZdqIbtX08QYS08UQTPs%2FmrMnNrKWbzAJ1CBffNrQdWVLizNsHvtIxzhrB%2FhM5Ew%2Bq54%3D\"}]}\r\ncf-ray: 9e9618281fc976ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16941,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16399), with no line terminators","md5":"2fa987667091c8edc1850abd0ce0d9cf","sha1":"50069618dd3ad1584626756aed69de924df1be67","sha256":"c1078397c8cc8fb4158a79f76dbb9a98c36557fcf8826fe76f2481d03a7ba634","sha512":"4281ffa0243fa7f54e9d449856bce763725da764d4adc59920c8ff5232a2fa7a1ec19ce7b050b9169707a43b6130a2534d62d44ca834d37698f5c1989c9c0cfb","ssdeep":"384:FRRCXCdSCjJu+pmoUI3BV6W0DRYYxU1AlHGbO0GTk:1CX61uEmDI+WKRLxU1AlHGbQo","tlshash":"1672d98cf4c2f446059360b2c13f4209117a6d987517a55c7bfaeaf20ea9a8d2363f7c","first_seen":"2026-04-09T02:31:19.188071Z","last_seen":"2026-04-09T02:31:42.216064Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/images/homepage/m5.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/images/homepage/m5.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-14af\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z4qF4Xi0Pmc4cmf%2FJyzLCADFQICKGkdhjjFIsLovF9ZxIeBTTvk3vGOZA4QjD8%2BoNsxV4nD9o7lVKfplJLWK67EQJuVEUweVYYvW3uzMQm6ZDvVZiW%2B4R8aG4WoA5RxG5nVvJUw%3D\"}]}\r\ncf-ray: 9e96182a8fde76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5295,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 105 x 106, 8-bit/color RGBA, non-interlaced","md5":"6f42f580394a2b7829b3cb912dc92289","sha1":"eee59e5578e1c5078f877e31d990d637611bd7c4","sha256":"da7afbf4b34ef2e4e538f4569fccbdcfb45d4cd1bd9c7907e1a693a1f90ffaa0","sha512":"d3dbd08de2f6212019059e0ce1addfcba330ee7a06d0f115aad79f474c2770ce9cf7759a79124fb35beb4ca71c41d33125f2471ad05112d9c72cb213da5f4dc1","ssdeep":"96:d22bhDCP+0ggnqCgHg0/smE64R5OXzElqBY/FBp7VcL9Ujh8OJ:DQDnqCOz9Ep4glV5WL9ohfJ","tlshash":"22b18de4f7807e12909517e1f4f7c02739b59088e0b2b12aa4dde41328a63e9f4f7876","first_seen":"2025-10-22T11:32:11.288385Z","last_seen":"2026-04-09T02:31:42.220311Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/tabBarIco/icon-tab-11.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/tabBarIco/icon-tab-11.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-14a7\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rcBtf%2BSP12Tqjxc%2FMj%2BwsaktLxSYyBbdFui8kvs0LLOkVwv73UIzuavoGfjy3pboEa29NXRxgThMkouupgMXCGG%2BtuFr3XNkWk95Kpf2Wh%2BncECrhB%2BHsfw3b1baPGW8FRwOOLU%3D\"}]}\r\ncf-ray: 9e96182a9fe076ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f5c91fa66d93f1dd5c3557966db917d7","sha1":"711f70a3c7191eb2588cfcde32d6c75eb3d3e7d8","sha256":"9bcbe2972a37190df8ede2a0d1063eaf1ac53bd6761465968d4631a8d33d9dfc","sha512":"b0b035ae6e005ccce2597a6f87ed02a9168905a049ec09258530faba4475b1f210d60d1b2bf7cd3bd81dc9b97919ce0e24a90907b473010052b73e5936a7d048","ssdeep":"96:bH2Okrbwlbmmm6xNF9gQWpYD+lj/VRXB/TRCZXd48AIxMO5Wv17VlUOHNUDlYrPE:bbkvotm6xQvj9H/TRCQhWMfv17VlUOHa","tlshash":"a5b17d9812f6d4b191aea90f59ea29d5043400df1186e995a0e97cf1e0cf1f2fae8686","first_seen":"2025-10-22T11:32:11.282406Z","last_seen":"2026-04-09T02:31:42.220991Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/tabBarIco/icon-tab-4.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/tabBarIco/icon-tab-4.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-2a08\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rv7fhQyk5Z9l8sqoSLMEhC9IC%2BRDuB9Ifs9lW4oQW%2FKYe%2Bjm%2FcIMU7NUbmTER0alFkJmVUKR%2BWGhL1LpXVxjLtbIrvrQl1z%2FqZm7oPu4L4XGfAybx%2FfIxeUurk9tZIAPf%2BoHyfU%3D\"}]}\r\ncf-ray: 9e96182aafe476ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10760,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"24fd3089ad21de82b4ce8f9725be177d","sha1":"b4bdffbee127c9b4e13a05da56b746a0542adba8","sha256":"c12d1e6c5058d265e935171efe8c02df18cfbffc09e61b21202763e0a04673bb","sha512":"a50cc140cb1b39abfc32ec789c88cfad8fbbdfe9596245c7463e160001df6071432faffdbf65edd32e9fe30ee4abf8c28f5b9567da9f0e77f9f10c3282b77275","ssdeep":"192:GOT7cQuaN96SKj2787Dcd8YpeEJdvPRRItrN9:GvQgSd+MFXJ3GtJ9","tlshash":"8622c084e977832652e0a0e00707c925ea99d59b5c573f73f8c30b1ec8b88d92053fb4","first_seen":"2025-10-22T11:32:11.298317Z","last_seen":"2026-04-09T02:31:42.22211Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/tabBarIco/icon-tab-5.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/tabBarIco/icon-tab-5.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-2097\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F%2FfokSSoyq2ESX0JQk%2BNS5NcFYbECZXLAsqki%2FPcBeaMLLAS%2Bmb%2FtnDfs2016cgMQbu5%2FQ8io8%2Bpkh6%2BHHElqDh83WNVoyIxU3MJN1ct3LDkXsFkKUbWjFBBnrba%2BABl7Bj5868%3D\"}]}\r\ncf-ray: 9e96182aaff276ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8343,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"89dc14de6bcf7232ef4655051c650860","sha1":"f42e28f787d2f59b136a676286195c21cc9e0101","sha256":"7267cfbb067e69f0cc73bfa6b4ba76d8828d9998678e5eb7b6b232ac1099398e","sha512":"6a92c5af8b35a2a4bed3dc4fab911eac1d683319f214eef2f5e985d05ded69e225764323f87652505e72f27e0b88d01c61bf214675229f2491e0a73e72bd9d0e","ssdeep":"96:Kk75myO+o8lVsFVEU0HCbyfoHMCz19B8RNORNNFUelR0o3dWTIYlYKyCmyYclBm3:t7OtLFkATBSKN4eVNldpI0hLe3bmL","tlshash":"93029f37ebdd6f089b2293a531d50e6ebd9a4729a0d00813761c9892878887857d37a6","first_seen":"2025-10-22T11:32:11.300271Z","last_seen":"2026-04-09T02:31:42.222632Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/tabBarIco/icon-tab-55.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/tabBarIco/icon-tab-55.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-15de\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gKw5G71DB1z8JchUDf0DIvMU5vYNYNn87h69GNLk%2Bu8gowoH2m1bRcxcj3xiNJVN2pwMRfYw4F3JsPdhd6zRzNe3GQOlW%2FVaHlai4T9s%2FMmX3tMeh2u7nld7T%2B%2Fma4lz%2FN33ypE%3D\"}]}\r\ncf-ray: 9e96182aaff376ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5598,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"51de372112a0e09d9ff26ff3d2ac09e6","sha1":"06dda767beae724f52a1bc5a364d886bfd6e30ca","sha256":"d8cc283735edf3dcae811100569ffe0441c4aa792166e0b52d04e5630b1ed6fb","sha512":"45ae0d6e15dfb35dec42c117320cb9300b917bd4f1dda9634c81d97949a4c6a100533dbd1a6a2a9c700eb6a671855c066b6a5261949d5e7f73ddb01d27121b3b","ssdeep":"96:90aInHDh1dXdztE/Q0Pzfr6E4kn7XcM8BVFJYQE:ejHDZXdztE40PjrMknwM8BVFPE","tlshash":"d9c18d161d0cf13dca8169676fde9260a0ac570ef25935a5c62dc20ea603ab1b3221da","first_seen":"2025-10-22T11:32:11.316756Z","last_seen":"2026-04-09T02:31:42.223301Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"ws.wkhyi2tdqzxha8.com/","fqdn":"ws.wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:15.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ws.wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://wkhyi2tdqzxha8.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: h//OCBizJ/Xuh8xd2hh/oA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 502 Bad Gateway\r\nDate: Thu, 09 Apr 2026 02:31:15 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 6362\r\nConnection: keep-alive\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0o9cHILq%2FY2A9dPJMl9tWn1Q2TGQc1Cz4VHzoabm1JtcdVKgfy8F%2FxyQTD6P%2BW2%2BUBE4%2B10s6r67Gd%2FVD9ccp8jhWfiEwbTOQDqGbW8hGPJfGhW7NsTHL%2FJdZtu0kcmE74Up%2F81QTNg%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: same-origin\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nServer: cloudflare\r\nCF-RAY: 9e9618317996b515-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=497\u0026min_rtt=467\u0026rtt_var=185\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2357\u0026recv_bytes=1165\u0026delivery_rate=4747540\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=69e41b7a6fa699e8\u0026ts=430\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T06:38:20.351405Z","times_seen":13530349,"resource_available":true,"data":null}},"time_used":469,"timings":{"blocked":0,"dns":16,"connect":16,"send":0,"wait":416,"receive":2,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"ws.wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/js/pages-ai-grade~pages-ai-pastearning~pages-ai-product~pages-ai-quantization~pages-ai-transaction~page~9a27baf4.3e631338.js","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:13.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/js/pages-ai-grade~pages-ai-pastearning~pages-ai-product~pages-ai-quantization~pages-ai-transaction~page~9a27baf4.3e631338.js HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 23 Mar 2026 23:19:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69c1ca98-5ea1\"\r\nexpires: Thu, 09 Apr 2026 14:30:51 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 22\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2lvaDfMqF9yjjsfwvwutyHo1Y%2BjuOQqdKByH%2FuG8BJkkaM%2Bza77qodUewr7IWJ0YDdj3%2Bvzz4zbKx7NR1t9KNV1TYpC8rR6nzcsF%2FXlL8RXNORdrXlTv0clwKCn1V3WSckpqLWY%3D\"}]}\r\ncf-ray: 9e9618281fc876ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24225,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22879), with no line terminators","md5":"66d5b041ca33352cda1653ebc5196c41","sha1":"c61c36d08586e1fd70bedbc21582574c366ecc9c","sha256":"d2bd917eead3b6253aa9e236b538abb7153b84c2098489273e704eb937fcc31a","sha512":"b8a21146a4be3dee144586a083220a0da66d46c05d672721c3e2649c95d425b6c98a92a9b6bd775d90c78914f0aaa2228f6060e3da6954e94bbf885686fc4a07","ssdeep":"384:MyQQVHa3OXLE43iThxxqxA8u7C1iuiu3JD:MGJRZEq","tlshash":"55b2bb92e45c08e4bffbe40f935e721f6a447fa5c0a098649dbb818e09ddb7115b4b2c","first_seen":"2026-04-09T02:31:19.191297Z","last_seen":"2026-04-09T02:31:42.224371Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/tabBarIco/icon-tab-33.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/tabBarIco/icon-tab-33.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-1c85\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DW8uduArZd4ZjGwuOI9n%2FKrLri1tZSEY8nCFv43DXamcVvgf0Sufk3vtPK3zdt2CS%2BwAuOB3HjMEvFWl%2Bk3phr2WOgE51z%2F5QChBPvrPo39Zf2RevyA21Z1cRPRQ9%2BuXk%2BJRVeE%3D\"}]}\r\ncf-ray: 9e96182a9fe376ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7301,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"503d504287caf8e683479df1f43c2c84","sha1":"6af2937c71035387caeb9885e6def91c0bd1961b","sha256":"beeb325b321f4f0db1a26785a3725a92e26933b88f37d13b19979142988523e0","sha512":"b42fb0c8c1b47a805f60f8f7b045e8bfdf1adb0141936683a2339d4de4e28a05f98447e88a221455af486168a4a76165d61960aa99a0d256535f0ec1b190e7d7","ssdeep":"192:UM5yA7yte41p3/rHblLjXfcrkFLm3b32KK:UW7ytey/zlXNFLgb32KK","tlshash":"8be1ae867938296114ea99072b4313425a7a05f4c9fa925073af8e8ce874f1721ff916","first_seen":"2025-10-22T11:32:11.268948Z","last_seen":"2026-04-09T02:31:42.226114Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wkhyi2tdqzxha8.com/api/common/getsetting","fqdn":"api.wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"104.21.80.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"OPTIONS /api/common/getsetting HTTP/1.1\r\nHost: api.wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: authorization,content-type,lang\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nOrigin: https://wkhyi2tdqzxha8.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: authorization,content-type,lang\r\naccess-control-max-age: 0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7loupXuU4RZjYaVC70mxo1UDMyvSnMzAGUFIOwEm5jnKAnIWo1nc5AvwNpLtKHPKaTKMKep66jw43f%2FU4qQ1bkYsQ5Xey1SM%2BXGL5%2BMIQ3G0Ri4b9EGJH9bUst1Vv9TJLXaCohVdb%2ByA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e96182b1aaf56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T06:38:20.351405Z","times_seen":13530349,"resource_available":true,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"api.wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wkhyi2tdqzxha8.com/api/common/index","fqdn":"api.wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"104.21.80.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"POST /api/common/index HTTP/1.1\r\nHost: api.wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nlang: en\r\nContent-Type: application/json\r\nContent-Length: 18\r\nOrigin: https://wkhyi2tdqzxha8.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":18,"data":"{\"tokenAuth\":true}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 09 Apr 2026 02:31:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nx-ratelimit-limit: 60\r\nx-ratelimit-remaining: 58\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=caIV3C0yBcpjCtbC45iGSbQxptpqY4dFU5Y1VfzqSdiK%2BQU389QkCCPAfS3jQJoVUnG69rsQx%2FO7M4DXiN097%2BAp%2Bq%2BPIH%2Bq2AS6fIPwjr5V7hpLx%2Br5oA9Fj%2BUUCfJIWpOPVGFZmAnh\"}]}\r\ncf-ray: 9e96182eabb656c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12769,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"01961e1028e8e8527a77a4ba6ba24571","sha1":"7c8a3b031c6716b590a22ec2a1295dedce470a83","sha256":"8e4ea0fa7c18b2a36f74b0cd46972ce1ca76ef3752e7d6388394ee1191af9f92","sha512":"cad0a750ad52369052f80d6977589427f9ca1ab6ddd5959ca700f40f03909e600353f1d8e858efd90a4f4c332c8cde0c2c09046ee72f23e3d73d60b42339dd9a","ssdeep":"192:eBeS+lMRk4aIFyirYR6kE9dX7zQkCt/++PuszXeoxCbi7VEA+OQiFm4X7hYih6LD:rrirYR6kE9dX7zQvl9LFwTRV","tlshash":"1142ee2216ac52b5f0715e5c2b52feb44a27700f7dc91f940ada9d6894e43f82a3ef03","first_seen":"2026-04-09T02:31:42.227349Z","last_seen":"2026-04-09T02:31:42.227349Z","times_seen":1,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":412,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"api.wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/images/homepage/m2.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/images/homepage/m2.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-18ca\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xe6NYgy8FgnL9q0Go2Qf9FvsjoKMQKy9BMbQdkwH%2FeesovBZth5q222OCd2q8m%2FnejH7TCW1eTVing1DSfIoCp1staAtSXkecETMrVQihkZO%2BEwRqB%2BTWKZz2CJ9%2FsSkS0lakWY%3D\"}]}\r\ncf-ray: 9e96182a7fd976ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 105 x 106, 8-bit/color RGBA, non-interlaced","md5":"6d9a42331b9d72708661222a470a0fc7","sha1":"eee82161d24605d227c46a3ae2e32c033ac7d8f8","sha256":"8f911f7fdbab8e1948035e8190f01588d1a9e4e7404ff153c9d7cd8f38788042","sha512":"d1961f064ea66d808231d81d6dd0ee1cc9dcb1f493feebb9fdb38b6b00c0d5332ee0b6034690793f280416e5f70e889aa18eb2d92a886f34608a8df591f72a4b","ssdeep":"192:D9zZ9g4yKazQFOku57BuT9ghLKDyZUy3zm8OyzH7:T97yJcMkT9CZUmASH7","tlshash":"19d19fd9eee82cffcf4bb3a56015cea447a0554968f0e446dd25d1e836808bd18fe4c2","first_seen":"2023-10-05T05:45:51Z","last_seen":"2026-04-09T02:31:42.228441Z","times_seen":13,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wkhyi2tdqzxha8.com/api/common/index","fqdn":"api.wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"104.21.80.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"OPTIONS /api/common/index HTTP/1.1\r\nHost: api.wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: authorization,content-type,lang\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nOrigin: https://wkhyi2tdqzxha8.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: authorization,content-type,lang\r\naccess-control-max-age: 0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bdvLf98MbFEdtOpXft7nJIKGkrYdIbda4XFmJADR8VdvOwNpEOtAktWNzax1WM%2BGj62je%2FH19ZLuQ9BI4GAQ4dAaZwwHDkqPb54ZK6TPD0KekVM%2BRC0d7JN1nPfn99GyGTrOE6WfTO6a\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e96182b1ab156c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T06:38:20.351405Z","times_seen":13530349,"resource_available":true,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":564,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"api.wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.wkhyi2tdqzxha8.com/api/common/getsetting","fqdn":"api.wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"104.21.80.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"POST /api/common/getsetting HTTP/1.1\r\nHost: api.wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nlang: en\r\nContent-Type: application/json\r\nContent-Length: 18\r\nOrigin: https://wkhyi2tdqzxha8.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":18,"data":"{\"tokenAuth\":true}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 09 Apr 2026 02:31:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nx-ratelimit-limit: 60\r\nx-ratelimit-remaining: 58\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yfs%2Bb%2BZEXoe5Fz7y9mJ%2BtzGNw8sryPEhpc95eETjWxi4YX3oVu1gIa0ItmpIeR9ErQoFMYRVX0uQP%2FkwmjT3EYj99%2BDURy3uIXI9K%2F42SzVh9jPAQaejoQLMYEK37rNI0S2uPQVOqnh3\"}]}\r\ncf-ray: 9e96182e9bb256c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":473,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"49e4b444c72680b1df761f63d302aad2","sha1":"9098519d1d84285a145b089974c0bc82edd83953","sha256":"e97856e4d5473c5edf9392a461679eb2066eb8272ad75ab72f4867f23bbcaea2","sha512":"fc26efc3825a874c751aff1f8a3661251d4679e7ecaa501de05f7568654ae04b1110cbce0fb40dab7f5b232c45246f5650e95282b0d87ed2b5e91cdec3a43d21","ssdeep":"","tlshash":"5ef0a0a372ad8cb8d3575d02db0bb0006479f2d785cd4a0018bd9e65aad01b6a46dd9d","first_seen":"2026-04-09T02:31:19.197933Z","last_seen":"2026-04-09T02:31:42.229275Z","times_seen":2,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":391,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"api.wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"124.222.174.117","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:16.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 09 Apr 2026 02:31:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Thu, 09 Apr 2026 15:31:17 GMT\r\ncache-control: max-age=46800\r\nset-cookie: __uni__uid=rBEQa2nXD3Vdn8bdA5GbAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-04-09T02:31:42.230057Z","times_seen":14638,"resource_available":false,"data":null}},"time_used":1546,"timings":{"blocked":638,"dns":1,"connect":271,"send":0,"wait":269,"receive":0,"ssl":365},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wkhyi2tdqzxha8.com/static/tabBarIco/icon-tab-3.png","fqdn":"wkhyi2tdqzxha8.com","domain":"wkhyi2tdqzxha8.com","tld":"com"},"ip":{"addr":"172.67.153.145","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wkhyi2tdqzxha8.com/","date":"2026-04-09T02:31:14.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wkhyi2tdqzxha8.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:39:39 GMT","end":"Sun, 21 Jun 2026 13:39:38 GMT"},"fingerprint":{"sha1":"1F:BD:AF:16:02:FA:1B:B3:9B:FB:1B:0B:62:F1:E4:38:CC:65:E0:04","sha256":"6B:08:5C:36:0E:02:72:C8:09:63:8B:F2:3C:42:02:29:CB:B8:6E:5D:E2:27:62:B7:99:E5:74:F7:F0:91:0B:13"}}},"request":{"raw":"GET /static/tabBarIco/icon-tab-3.png HTTP/1.1\r\nHost: wkhyi2tdqzxha8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wkhyi2tdqzxha8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 02:31:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Sep 2025 09:01:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68b560e8-2c29\"\r\nexpires: Sat, 09 May 2026 02:30:52 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 21\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h0REG8gFSqIlU4U2xTeg%2BvtsyMI%2BaoqvBCPn7J4nJIKeskr8GMHukIgzFD54PGvpmBd1D4liihZTC9TqmJBFFIZRl2RA%2Bvjkvt%2BHkZHNimy%2FH8RrKnXjkVddIQjFGW%2FI9SFdrqY%3D\"}]}\r\ncf-ray: 9e96182a9fe276ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11305,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"78c657dae679083d0f48ded26cff59ec","sha1":"b4d2c5d72e09158fa39181e168581bad863288f9","sha256":"0c488ba547a9da1ee8b68fb51da8d539427df7231ab857a4664ac34330adcf93","sha512":"caa42de58a27b7d0fedd813bab728f1e2e8d85d3ed4a1e54c2e74081e147e9d90a2e5fb14004f9a7200226d187f71affff950e413428bf6744b36bba9c6eabdc","ssdeep":"192:g4EZgqg1gl2jcg7du/Qrmwib61MXlOii8mkZYwvXc9nkplMqlk/3SjkBSLm8L9hW:gLcxu/QTG61MVOii86SOq43SjkULb9hW","tlshash":"4432cf37c487acfa94f0448e7ff7ac59da00901a3b953205a4c2ce419c696984efee5b","first_seen":"2025-10-22T11:32:11.26211Z","last_seen":"2026-04-09T02:31:42.230668Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"wkhyi2tdqzxha8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}