{"report_id":"62d30521-37a7-4bd4-ab5a-667d8b4372c1","version":6,"status":"done","tags":[],"date":"2026-05-14T18:51:32Z","url":{"schema":"http","addr":"javaadminpolymarket.17cai.net","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":0,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/#/login?redirect=%2Findex","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"title":"mybestmarket Admin","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"javaadminpolymarket.17cai.net","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":0,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-18T18:51:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"polymarketadminapi.17cai.net","ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":5498,"sent_data":1493,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"javaadminpolymarket.17cai.net","ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-04-02","domain_rank":0,"first_seen":"2026-05-14T18:51:36.453719Z","last_seen":"2026-05-14T18:51:36.453719Z","alert_count":11,"request_count":11,"received_data":3690314,"sent_data":4853,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"fedfa96a9cad6e2f75057260a159a7f7","sha1":"470aeb55ca2a8f55a02e2c8a486336b367dda721","sha256":"13908dde6afb63324293bf7faa3ea574fbcae73a51c4379504b4a87c376a7f98","sha512":"a103d56811fee1217d1a40d6462809715c36785815d080af3f39e5320244e420fcff1a2a0c4792fb309af097163fa941bac77610e51a8d4b3ffa3a67089c5d86","ssdeep":"384:h19oqL3/JA9hcvWQ+w/4GxXnI3qUOzIKD9hRs:T6qbJAfY+w/4GxX9fIKDds","tlshash":"01521df2e390f8799b66ec1b2115fb6250a72a733c3067b8522cd165a7606e4138f90f","size":14347,"data":"","first_seen":"2026-05-14T18:51:41.855458Z","last_seen":"2026-05-14T18:53:57.803315Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/chunk-elementUI.4b63ee0a.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef491309195dd63170176e916c43219d","sha1":"03edafa712deef91bd1f6c8b42b2edfeff21de23","sha256":"ed4cf0797c7435c750bcc67bd5d254be6990ca962d33edccb36fa5332a3dd220","sha512":"999a79fb8d81248ebc224509e51d7d60b984f89bc033efc7fe4d66ecc2139bd5cb76bcdc9d7040a0c975a8806f1283a1aa1efac32d50b502940945ef3f15e6c8","ssdeep":"6144:3bqB1PNGGFDmvHdSk0tQ9p633k075UfbmxgOOq8GsYIU2j/a+dV2F6VzE:3mrPFFDmvdSk02UUkOVj/aa2F6Vg","tlshash":"1ef41a8d72c5b47147a360b0103f150bb33b2aad6809809cf675d8ea6d79a0d626ff7d","size":753936,"data":"","first_seen":"2026-05-14T18:51:41.853717Z","last_seen":"2026-05-14T18:53:57.801406Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/app.d0f81da9.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f009ff5e50e4ad54bda61e1ddc040b1","sha1":"4e9772192017311c74aff1a6d4a6ca5d9cb8949b","sha256":"2eeff7236c51bbcb156c62218237e73e2b5cb319298b7e97572851d4aaf98117","sha512":"314d431a1193cf4af905aded97642561ffb2ac947939a881919da7a833bed60eae3f4bcb9392fad7884e883f1adfafc6e2b3a1bd28d0d75bc00efbb083fb9b92","ssdeep":"3072:GWf4UhhqFdJgxC6S18gWgnTwuRgDPUxUirZYqIeQ/Nw65ywd:GWf4U2N18r2KirLucC","tlshash":"76445ba9f290f1ac4b8f6776613b75167a3f30f639954860a178c9c46bb2cc86303d9d","size":270769,"data":"","first_seen":"2026-05-14T18:51:41.848443Z","last_seen":"2026-05-14T18:53:57.802336Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/chunk-libs.27001dfd.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1f570685b531a5284d45490e9d54b94","sha1":"ba24efb20be394fe0a6cb5aaecec576fb2439116","sha256":"edc9bab5f3463d5a661ee84fef85799e94c9ab7c9e31c31bbfc019dc98e5d82a","sha512":"c5605a429c9e9f9bb34a8eb349f6704f265446ae807cb7e77be8787d759c2ecbcc8cbd133f2179de01589d36fb1adc2a36f06d0c43a8d6d97fbbc548f355c08a","ssdeep":"3072:9vvBArXJM1IcjcueZ9sQPCYWILRdCWjYVFq+oja5rufOBCPwI7nFJPegzfJDBrfU:h+FM1IcgeFkdOvo2rhCYQWWB5bi","tlshash":"5cb4e79cb6d1b0b112e320f5402f160bf277a86cf44a94d4e269e8e1acb994e5177f3d","size":537399,"data":"","first_seen":"2025-06-11T03:52:42.72772Z","last_seen":"2026-05-14T18:53:57.796309Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/chunk-08ccf18e.4b3ede4b.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b8ef896b8627188592f315b2ba52744","sha1":"71beb4f0c0ad552bd370d6c25677f225937be1d9","sha256":"e4cf63ed2ad036485ff308100e3452133b3d83d1217d3c663fe7f79fc9ad531f","sha512":"31f69e798cfe3a43711bb6719607793e8489f6a249e950079896216e4fb6a7149f1e348a664cf1ed05ca7f9524e51a8e356f380a771a150ce8128a7d31faa224","ssdeep":"192:6dYJzymXPZUZATUcyu2Zu7xwpyAkET74Gn8iYI1aNOvvc:6dYJzymBtYu60AkETZ8i3S","tlshash":"ca224c37448e9c483a1ac26d711f1045500f847c6239c9987f71caeade9eb9a3625b7f","size":9945,"data":"","first_seen":"2025-10-02T10:12:35.811462Z","last_seen":"2026-05-14T18:53:57.791878Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/chunk-2d0b2b28.eab7d6f3.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c6057332adc5ff629fcc92aa99ed8d3","sha1":"7f1ab93cfb998bfd9173c1c5d47f5518d5382aad","sha256":"f4d491903f8617e3e83725c8ef951ee94e298c202a2d38a8d3f0d895a4993d69","sha512":"8bd5c3fe52d2e375400e38dc0fbf76d815f56b706fa16552d5e1be1c4a559fa34be63265894ebbfbbedb5e1e98dc80190349c445c16a47fa73e6f3d62c9ba0da","ssdeep":"1536:KslUqrcE4aaNc4Q4x2fBQ6PpasU2P+/5oseza+yie4yHp:JlUqr5W6PpasU2PQ5oPm+y54yJ","tlshash":"1933f985b6e6b46403d2a0f0061f084ae23e761da45f54fcfa5ac8e2ac7588d653ff74","size":54831,"data":"","first_seen":"2025-06-11T03:52:42.725351Z","last_seen":"2026-05-14T18:53:57.797038Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/css/chunk-08ccf18e.c8303832.css","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:10.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/css/chunk-08ccf18e.c8303832.css HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-865\"\r\nexpires: Fri, 15 May 2026 06:51:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2149,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2149), with no line terminators","md5":"d6079ae85ffc62ae1998649726f42f0a","sha1":"4ade1334774b7b433e7bcb2faad3102128799b35","sha256":"97fca72bf7636b9c8b6e1664d0606b113e236d85f9660cbf5b126549e5f8eb19","sha512":"d7a43f0f86b181b7825447d01e4b861fa521719ef6a6a20f87ef1bef522d4cc1419eb5f48c4c9da2c134c8715c763c61c8b3eb4445129a8a4ceae4b0bea9b291","ssdeep":"","tlshash":"e4417b1703190e1660159d1122e445d2b2ced236d396df7f8cb15917cfe62ba07713bc","first_seen":"2025-05-12T11:10:13.090094Z","last_seen":"2026-06-01T14:33:11.720518Z","times_seen":28,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"polymarketadminapi.17cai.net/common/getAllSetting","fqdn":"polymarketadminapi.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:10.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"polymarketadminapi.17cai.net","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 12 May 2026 11:00:00 GMT","end":"Mon, 10 Aug 2026 10:59:59 GMT"},"fingerprint":{"sha1":"44:90:35:CC:85:AA:68:37:F1:58:7C:2F:35:83:47:E0:CF:EE:88:29","sha256":"DC:76:3E:2A:90:99:DC:31:C0:C7:1D:93:CF:B2:BD:FB:54:AE:87:80:5C:E8:F4:E9:DD:75:F2:27:77:DA:2E:00"}}},"request":{"raw":"POST /common/getAllSetting HTTP/1.1\r\nHost: polymarketadminapi.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://javaadminpolymarket.17cai.net\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:11 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://javaadminpolymarket.17cai.net\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e21c52485dbddbd421897949e661754c","sha1":"906162bc775a2b4a3d985bbad309afab596eddc0","sha256":"760e969e0ee683c8563d2700a6afb45d0c7e09e53eec90b68f679ea91bd7b6e7","sha512":"6fd7ad33e74265908df955b8c10618f3731ed60c74cc1551d98f0b9da698547bff36f50d5d612313573c96d32efd1ac6fe2a5125a1d49a44c7df5e75657677e3","ssdeep":"","tlshash":"89b012792f2c5372d8c210d5c20e3700223c31303510b308d84ce13c54dc15729189c7","first_seen":"2026-01-02T20:54:31.634406Z","last_seen":"2026-05-14T18:53:57.794268Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1424,"timings":{"blocked":578,"dns":45,"connect":262,"send":0,"wait":268,"receive":0,"ssl":268},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"polymarketadminapi.17cai.net/captchaImage","fqdn":"polymarketadminapi.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:11.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"polymarketadminapi.17cai.net","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 12 May 2026 11:00:00 GMT","end":"Mon, 10 Aug 2026 10:59:59 GMT"},"fingerprint":{"sha1":"44:90:35:CC:85:AA:68:37:F1:58:7C:2F:35:83:47:E0:CF:EE:88:29","sha256":"DC:76:3E:2A:90:99:DC:31:C0:C7:1D:93:CF:B2:BD:FB:54:AE:87:80:5C:E8:F4:E9:DD:75:F2:27:77:DA:2E:00"}}},"request":{"raw":"GET /captchaImage HTTP/1.1\r\nHost: polymarketadminapi.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nisToken: false\r\nOrigin: https://javaadminpolymarket.17cai.net\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:11 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://javaadminpolymarket.17cai.net\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4034,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"337ea1f90c616441cc4de168effefd44","sha1":"694cbdb2f52ee157dea6dc941efb43497dfe357a","sha256":"6b47ec1c6f70297ff54ebbca7d16e36fc15c471ad100faaef3812ad93a455a5b","sha512":"3baccdbbfc55981db50b5b9b4cdf1e29cb3d943b64f38c7968bf99572382e36ed47025d240791649e61ec80eb7cfa0908f8467d80b94463343e654df02bf1850","ssdeep":"","tlshash":"ce814be07f02f047ea60f80dd4077e82adcd8dbb1314a99ca6a954c3647089894fa6cb","first_seen":"2026-05-14T18:51:41.845401Z","last_seen":"2026-05-14T18:51:41.845401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-14T18:51:07.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:08 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-506c\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20588,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (14887), with CRLF line terminators","md5":"e0b70b95a80a0117932d498de2eb0d24","sha1":"fd648ddd6070cf9d28917be31c55508f51a7dcf5","sha256":"da7766c45528577f3a4d6060e81707d0edba32f9465a81865ba8ce8eacb5b2f0","sha512":"048543fdb9d3da3aafce0a144c62653afa762482a242bc0e2d9bac9c832bcba7004ebf542db85f5280a4fa681bd9fa62c226c21f6cb802b7a199c93b732a6cf5","ssdeep":"384:j/5kaT19oqL3/JA9hcvWQ+w/4GxXnI3qUOzIKD9hRQj:j/96qbJAfY+w/4GxX9fIKDdw","tlshash":"219272b69740f4798233ed1b6399f711d0ab193379302678b2acd1698f706d8039b95f","first_seen":"2026-05-14T18:51:41.846374Z","last_seen":"2026-05-14T18:53:57.795144Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1516,"timings":{"blocked":621,"dns":68,"connect":272,"send":0,"wait":274,"receive":0,"ssl":278},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/chunk-libs.27001dfd.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:08.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/js/chunk-libs.27001dfd.js HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-83337\"\r\nexpires: Fri, 15 May 2026 06:51:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":537399,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a1f570685b531a5284d45490e9d54b94","sha1":"ba24efb20be394fe0a6cb5aaecec576fb2439116","sha256":"edc9bab5f3463d5a661ee84fef85799e94c9ab7c9e31c31bbfc019dc98e5d82a","sha512":"c5605a429c9e9f9bb34a8eb349f6704f265446ae807cb7e77be8787d759c2ecbcc8cbd133f2179de01589d36fb1adc2a36f06d0c43a8d6d97fbbc548f355c08a","ssdeep":"3072:9vvBArXJM1IcjcueZ9sQPCYWILRdCWjYVFq+oja5rufOBCPwI7nFJPegzfJDBrfU:h+FM1IcgeFkdOvo2rhCYQWWB5bi","tlshash":"5cb4e79cb6d1b0b112e320f5402f160bf277a86cf44a94d4e269e8e1acb994e5177f3d","first_seen":"2025-06-11T03:52:42.72772Z","last_seen":"2026-05-14T18:53:57.796309Z","times_seen":9,"resource_available":true,"data":null}},"time_used":808,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":808,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/app.d0f81da9.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:08.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/js/app.d0f81da9.js HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-421b1\"\r\nexpires: Fri, 15 May 2026 06:51:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270769,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65496), with no line terminators","md5":"3f009ff5e50e4ad54bda61e1ddc040b1","sha1":"4e9772192017311c74aff1a6d4a6ca5d9cb8949b","sha256":"2eeff7236c51bbcb156c62218237e73e2b5cb319298b7e97572851d4aaf98117","sha512":"314d431a1193cf4af905aded97642561ffb2ac947939a881919da7a833bed60eae3f4bcb9392fad7884e883f1adfafc6e2b3a1bd28d0d75bc00efbb083fb9b92","ssdeep":"3072:GWf4UhhqFdJgxC6S18gWgnTwuRgDPUxUirZYqIeQ/Nw65ywd:GWf4U2N18r2KirLucC","tlshash":"76445ba9f290f1ac4b8f6776613b75167a3f30f639954860a178c9c46bb2cc86303d9d","first_seen":"2026-05-14T18:51:41.848443Z","last_seen":"2026-05-14T18:53:57.802336Z","times_seen":2,"resource_available":true,"data":null}},"time_used":808,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":808,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/chunk-08ccf18e.4b3ede4b.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:10.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/js/chunk-08ccf18e.4b3ede4b.js HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:10 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-26d9\"\r\nexpires: Fri, 15 May 2026 06:51:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9945,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9851), with no line terminators","md5":"1b8ef896b8627188592f315b2ba52744","sha1":"71beb4f0c0ad552bd370d6c25677f225937be1d9","sha256":"e4cf63ed2ad036485ff308100e3452133b3d83d1217d3c663fe7f79fc9ad531f","sha512":"31f69e798cfe3a43711bb6719607793e8489f6a249e950079896216e4fb6a7149f1e348a664cf1ed05ca7f9524e51a8e356f380a771a150ce8128a7d31faa224","ssdeep":"192:6dYJzymXPZUZATUcyu2Zu7xwpyAkET74Gn8iYI1aNOvvc:6dYJzymBtYu60AkETZ8i3S","tlshash":"ca224c37448e9c483a1ac26d711f1045500f847c6239c9987f71caeade9eb9a3625b7f","first_seen":"2025-10-02T10:12:35.811462Z","last_seen":"2026-05-14T18:53:57.791878Z","times_seen":8,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/platform/prod/favicon.ico?1778584360843","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:10.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /platform/prod/favicon.ico?1778584360843 HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:10 GMT\r\ncontent-type: text/html\r\ncontent-length: 138\r\netag: \"6a0322e2-8a\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-06-10T09:53:28.515944Z","times_seen":279806,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/img/login-background.03d735a2.png","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:10.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/img/login-background.03d735a2.png HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://javaadminpolymarket.17cai.net/static/css/chunk-08ccf18e.c8303832.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-1a53c3\"\r\nexpires: Sat, 13 Jun 2026 18:51:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1725379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced","md5":"f16cac383879260e267d47057f1f7a04","sha1":"0733214c0689a4d8ccef9da29bbec9d540c35e81","sha256":"99e8ce13caef7f6ab56c415dc8124df97eabd5e3cfa177ecf3839af1f10243a9","sha512":"3c3568d38617a2a2e38e1e978f4322de7d678dc92840e94023bab36fd32e488c2d387473eddeda7fa517dc28fc9acc11d66dfb1a4b7ea87d7848d77495c839a5","ssdeep":"24576:/4g19PJZYInP+NHcyzb+A9DQLyVZWn3rO:f19hdnsHHmA9DQQIbO","tlshash":"1a2523476f6c43bce5267385e5a89ce20d523859ff7d04eb7a0df0e882614eafb46241","first_seen":"2025-08-03T21:34:22.713296Z","last_seen":"2026-06-01T14:33:11.706398Z","times_seen":37,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"polymarketadminapi.17cai.net/captchaImage","fqdn":"polymarketadminapi.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:10.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"polymarketadminapi.17cai.net","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 12 May 2026 11:00:00 GMT","end":"Mon, 10 Aug 2026 10:59:59 GMT"},"fingerprint":{"sha1":"44:90:35:CC:85:AA:68:37:F1:58:7C:2F:35:83:47:E0:CF:EE:88:29","sha256":"DC:76:3E:2A:90:99:DC:31:C0:C7:1D:93:CF:B2:BD:FB:54:AE:87:80:5C:E8:F4:E9:DD:75:F2:27:77:DA:2E:00"}}},"request":{"raw":"OPTIONS /captchaImage HTTP/1.1\r\nHost: polymarketadminapi.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: istoken\r\nOrigin: https://javaadminpolymarket.17cai.net\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:11 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://javaadminpolymarket.17cai.net\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: istoken\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T10:14:22.333689Z","times_seen":16293717,"resource_available":true,"data":null}},"time_used":1437,"timings":{"blocked":586,"dns":45,"connect":267,"send":0,"wait":262,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/css/chunk-libs.ea078ece.css","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:08.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/css/chunk-libs.ea078ece.css HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-96e4\"\r\nexpires: Fri, 15 May 2026 06:51:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38628,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (22707)","md5":"09087ac11e8cf31dbccf1a43b34f7541","sha1":"d998de0a4682f7dc96fce2b0516af6e5dd0746ba","sha256":"58791d5ea3de6ecec9490d54cc6dfde017d8bd3ee7d0af94a6dc816bc6e8901a","sha512":"5ff706735d199007d5a04de1e5c62e707158208ee4dc5a035c61d6c4f1d80a6378485cf319fa4ce49ef049b6f42162619632dcf0d2b2325a62ef57c23a10692b","ssdeep":"384:KEhh6wW89xrDB5OBz0QyxFbmSOxd6GObiu6nOGvYvLDuyF9xNSU0ieUbWDx9NZ5R:ABzHyxFbmSOxd6GObiu7X9WDjNZ5Go","tlshash":"8903ee4ee8572cff0236652d91c052e02f9bfb7bf0e351daf491e58626dd0580369a3a","first_seen":"2023-04-14T21:48:03Z","last_seen":"2026-06-08T23:48:58.199025Z","times_seen":234,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/css/app.c6268fd5.css","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:08.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/css/app.c6268fd5.css HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-42a18\"\r\nexpires: Fri, 15 May 2026 06:51:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":272920,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (64974), with no line terminators","md5":"27c9c73c7fbe8f48a60a9182fa244424","sha1":"c46bdece539c2aaebcc36d325aea001c795895dc","sha256":"c404c8f38c289fb741a9467cd7d2b6bdbcc489acb53e9760ed5892bbb3f4f656","sha512":"5475255b051926b1df4d6ab2ff84874faa97d392913afc93ebad9dbec4915fdafea6a0926ed6027b752c4721b450480d521b78515acb26d40c644be6be98ce3d","ssdeep":"1536:ravyngEUt6f49+89+hoz4bv5yqm2gW9cMEutb7OOHiZkW1Yu8e+3SNZ5fhIcau91:BRKwtmnfUubtLSFUfeg","tlshash":"494496219b572127612bda6d76c0ba895f28c323e4325fbbfe51780dc7d35891263a0f","first_seen":"2026-05-14T18:51:41.852695Z","last_seen":"2026-05-14T18:53:57.80054Z","times_seen":2,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/chunk-elementUI.4b63ee0a.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:08.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/js/chunk-elementUI.4b63ee0a.js HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-b8110\"\r\nexpires: Fri, 15 May 2026 06:51:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":753936,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ef491309195dd63170176e916c43219d","sha1":"03edafa712deef91bd1f6c8b42b2edfeff21de23","sha256":"ed4cf0797c7435c750bcc67bd5d254be6990ca962d33edccb36fa5332a3dd220","sha512":"999a79fb8d81248ebc224509e51d7d60b984f89bc033efc7fe4d66ecc2139bd5cb76bcdc9d7040a0c975a8806f1283a1aa1efac32d50b502940945ef3f15e6c8","ssdeep":"6144:3bqB1PNGGFDmvHdSk0tQ9p633k075UfbmxgOOq8GsYIU2j/a+dV2F6VzE:3mrPFFDmvdSk02UUkOVj/aa2F6Vg","tlshash":"1ef41a8d72c5b47147a360b0103f150bb33b2aad6809809cf675d8ea6d79a0d626ff7d","first_seen":"2026-05-14T18:51:41.853717Z","last_seen":"2026-05-14T18:53:57.801406Z","times_seen":2,"resource_available":true,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"javaadminpolymarket.17cai.net/static/js/chunk-2d0b2b28.eab7d6f3.js","fqdn":"javaadminpolymarket.17cai.net","domain":"17cai.net","tld":"net"},"ip":{"addr":"103.85.189.70","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://javaadminpolymarket.17cai.net/","date":"2026-05-14T18:51:10.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"javaadminpolymarket.17cai.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:55:45 GMT","end":"Mon, 10 Aug 2026 11:55:44 GMT"},"fingerprint":{"sha1":"9E:07:B9:66:42:86:40:4E:8B:16:95:95:59:50:5A:A2:FB:4D:7A:23","sha256":"8F:73:DD:D4:4A:F2:DF:40:F2:31:92:BA:43:41:A6:6B:C7:EB:90:79:D8:C7:77:4C:90:13:31:9C:FC:D5:58:9F"}}},"request":{"raw":"GET /static/js/chunk-2d0b2b28.eab7d6f3.js HTTP/1.1\r\nHost: javaadminpolymarket.17cai.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 14 May 2026 18:51:10 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 12 May 2026 19:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a037baa-d62f\"\r\nexpires: Fri, 15 May 2026 06:51:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54831,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54827), with no line terminators","md5":"9c6057332adc5ff629fcc92aa99ed8d3","sha1":"7f1ab93cfb998bfd9173c1c5d47f5518d5382aad","sha256":"f4d491903f8617e3e83725c8ef951ee94e298c202a2d38a8d3f0d895a4993d69","sha512":"8bd5c3fe52d2e375400e38dc0fbf76d815f56b706fa16552d5e1be1c4a559fa34be63265894ebbfbbedb5e1e98dc80190349c445c16a47fa73e6f3d62c9ba0da","ssdeep":"1536:KslUqrcE4aaNc4Q4x2fBQ6PpasU2P+/5oseza+yie4yHp:JlUqr5W6PpasU2PQ5oPm+y54yJ","tlshash":"1933f985b6e6b46403d2a0f0061f084ae23e761da45f54fcfa5ac8e2ac7588d653ff74","first_seen":"2025-06-11T03:52:42.725351Z","last_seen":"2026-05-14T18:53:57.797038Z","times_seen":19,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"javaadminpolymarket.17cai.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}