{"report_id":"7ed820e1-8140-4c9f-86fc-2781937bf120","version":6,"status":"done","tags":[],"date":"2025-12-07T07:37:27Z","url":{"schema":"http","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"title":"🔔 Try your luck!","dom":{"size":79824,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"e5b9d5f5ebf2575eefc878a4bdcccf4c","sha1":"7da6d8e5d7184b43c6c720c5311bc2731dbae5dd","sha256":"ed9ecd281b9bc2de8c585b1e4cc18bac13d98794d74e4f19a1629e7f271a5669","sha512":"eb7eb0e523f4601ebf67724a76a9f324386527ff63ba7aa35da7b9a1c15b2d22b2e098c0dc22404eb970590451d844e926f8a1cee5f1b911d15c6d57b405067a","ssdeep":"1536:gr0ofqbMhhpCGyKGhoqaMqKHRUNMaMzHhBTiLOwhti9JUqdvvckI7pNLK:g5frfbvMqKHRUNMaMzHhBTiN3i9JUVrW","tlshash":"40733c4a9fb3012a3d2db3b2d1a2f714b21bb787f7b977f06816111096d19ca2b73650","dom_hash":"domhash6bde6988a1e44e25866e351cabe89acf","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-11T07:37:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-06","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.ak2yy.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2022-04-14","domain_rank":0,"first_seen":"2025-07-28T00:54:36.726993Z","last_seen":"2025-11-30T11:16:31.024503Z","alert_count":84,"request_count":42,"received_data":408068,"sent_data":18020,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-12-01T03:02:39.026329Z","alert_count":0,"request_count":1,"received_data":834,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"datatechonert.com","ip":{"addr":"185.49.145.45","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2021-12-24","domain_rank":17968,"first_seen":"2021-12-24T16:44:17Z","last_seen":"2025-12-03T13:26:07.944614Z","alert_count":0,"request_count":1,"received_data":482,"sent_data":551,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdntechone.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-12-24","domain_rank":31929,"first_seen":"2021-12-24T17:09:58Z","last_seen":"2025-12-02T15:57:46.521526Z","alert_count":1,"request_count":1,"received_data":17280,"sent_data":378,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j2f01ce1f-C6c7-uXw.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"bd1efcd17d50e6dcd539948acd4bb5af","sha1":"2ecae60b1e01deed16bcd2a801ce5d69df89fe19","sha256":"5f8403460f00b0f796347ad61333b217359150b5c7f44191cebf9dd032796195","sha512":"618a976c96a341467f4cddc6a914200e1d40d49370fdccc11e88824c0dc93c8691e96c5c8dbdf734f0c9702bbbb0f29f3f7eeec33e7ba72580e8c4018751eadc","ssdeep":"96:bSOFUzz6zuxzFo4Bb9QQMqgNSZsH/0sxRq2:bS8UzGSzFXB1BlZc0qg2","tlshash":"d291348fb47924fc7697c69aa173d1931a3b211a2d89c1f4e4d74f390760248a33bb47","size":4308,"data":"","first_seen":"2025-12-05T16:09:40.522963Z","last_seen":"2025-12-08T02:05:33.210411Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g42f5562-DirpylvO.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d6b1d932d7669485a416c47e62813691","sha1":"bcd536ce5095c0a24bdb30d2706f42219aec6fb8","sha256":"04487adadecf57277c33b073ca69fe71df323a1324d09f7f7e836f011d22daee","sha512":"60ff632e05f9317ae4246c6f87a90ec4f641eba887da2e0a1b54ccb9d5d7cd9a023103a149ad3ce565db102fa6863c5585e53643def41ebe7c22f022f0087485","ssdeep":"","tlshash":"1431334e71b452fc90ab45aec175ea222315022b715cebd0a03e8f342779e8e6917747","size":1598,"data":"","first_seen":"2025-12-05T16:09:40.537084Z","last_seen":"2025-12-08T02:05:33.227239Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bcc897c3-D6QogqMN.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"e4239467a216a0a1562222a04968db75","sha1":"23a2c2824a3a26cd1437f39945fadacd4f0001c8","sha256":"f6321d5fb221ca1c83017c31c3aab4e3219d3441d9607a0639f3938e969d7f9e","sha512":"5fbaed3523b65e4f5ab17aa4ad7f86077027b5c756918bb413cc2efda674dcf13ffb23aa4ffd6afa1debe6133d8449a13a09571c902a35401ec6a5c075753959","ssdeep":"","tlshash":"1df027860af14a66824e239ec162644176a801b7228d9f60f1790a3e63399aea420347","size":466,"data":"","first_seen":"2025-12-05T16:09:40.531568Z","last_seen":"2025-12-08T02:05:33.372843Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b80c56c-CnpUbS7u.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"3359370c5d1b4755ed3b2cfb6c10767e","sha1":"4723d67d99b9d02d8f94b57e5c0b70d4c73aa435","sha256":"c6f472de8bbe62e382b40fdd83298875e3930bae8097ff5a940655129a405fd5","sha512":"cde49eacb89aab13d16783fd0726b5c31db4d1ca95152ae8ef7a8d77798b4fed9ee5a34e6a65ec864c7397f8ca24e51cb3823015ba1e87769ed4c16dd6eee3b0","ssdeep":"","tlshash":"bef0a2d506f01eb5408913ddd175b3427da900b7a19daf92a13c8f68175a987a610e47","size":633,"data":"","first_seen":"2025-12-05T16:09:40.520191Z","last_seen":"2025-12-08T02:05:33.306748Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0fbb7dbae3c20bc81da1b8bf41c13e8e","sha1":"f333d36b1dbecd026483e78eac843bdeb2dde04c","sha256":"eeeffffc79c48f4fbe510fc3fcdae29885a18a48ae121968e03fe502fb48fecc","sha512":"1e82716fa5da363b595ffc7b569caaa347df281bc89fb9d62dd89d2dec789280d9574694f6f78d250922e8d0d3bdc8a637f5748d7c4f4e5cb4e5465106542e0c","ssdeep":"","tlshash":"9ff0998af3c8b623410666e5321b801be67e1851b407a864a0a088e2ac7a449c189f3a","size":636,"data":"","first_seen":"2025-03-04T04:04:04.143618Z","last_seen":"2026-04-19T03:10:45.02237Z","times_seen":3433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d4696f29-DPoFR-Qs.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"23015f911bf594409c8dd1de5c8047a5","sha1":"5c433eec0a43223dc219087f2a7511ee521fb4f1","sha256":"34e4f44fef830af586d98c806f050c440c403fcf596468bf953c4c1dfb7d1627","sha512":"299c2f0b4f4b1e2e15c2d5eb9abeece74eaa4e0fc573369f705ce46fa49cb78459e9263b71051f5d3d42d7acdd265c6000a6380cef20ecc00366f8849c18141b","ssdeep":"","tlshash":"6961326951b93b6f4c6f27f2420dc10e1e2e5c8ba489c630ad5b8b2cf95848c38b1b61","size":3231,"data":"","first_seen":"2025-12-05T16:09:40.555001Z","last_seen":"2025-12-08T02:05:33.360823Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k5b23b00e-_4JC36d1.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ebfb97bcda29adf309683f1c8216ecb9","sha1":"20939c655ec8d3f27d4cc2fd017188438b6a33b4","sha256":"2381164265b09520c872fc8a3cb1cabf08cda500fdcf2ebc37908d1e6c3a6085","sha512":"fcecd61919f2eb8917c9ac0642a1fbb5738fd9781885bbc6b463aa956cf83011e5abdeb72a45751481935b51566157d57ef39b9eba579679ef0bee73110d8c46","ssdeep":"","tlshash":"fb51747f8488a8b9095db19ec636d1a32e1828523c19c5e1e4bd4d1d57e6086e03ef67","size":2742,"data":"","first_seen":"2025-12-05T16:09:40.511487Z","last_seen":"2025-12-08T02:05:33.322634Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/r7ad0624-CuaqR7Jg.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"816ff16dc7191e5669629827507343ce","sha1":"b1766b20b6bd14f5343b50c18df5566c13463be8","sha256":"df14ba53c18653f20cc9326e2e39ec7093839fb94c842b8d15a2a786c1ddb3c0","sha512":"275b12275ec536189abf507d45b34a47db11b8152768e929bc5c70242f04816783e785c04a445ce5f50bf7af8e3921f9e48bb9dd6257ca65ab1e8d122463f6b5","ssdeep":"","tlshash":"b3312c8d26f22971806928ddf6377181b07a11a2714e99d0c03d8e767aad9cfc67268f","size":1751,"data":"","first_seen":"2025-12-05T16:09:40.492169Z","last_seen":"2025-12-08T02:05:33.215912Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e0ff58-BeE8sx2L.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1f56d82327ca867fe9eebc1672124715","sha1":"df430c0fc26415d0c6fa48284b6c6ff5d0e62709","sha256":"61dcda43ba60852ac783d0cb495defedf0bbdccb5a2994c95d6c21a60a9e417b","sha512":"afe96e6ec0f271e958656fe30c9e52136fa07af2905f46659ac53c67123578f049e2fc527eed64f662797bf2c4819a82fbb02d01777682b908327c54ed1d705e","ssdeep":"192:g6M4n3qZbkPYQqyFq84dgnlwAt1EIsOeDvdX3DrsA/Oc180RNXyWveP2:g6M4n3mbkPYQqyFq84dgqAt1EIsOeDlb","tlshash":"f5023a98b0ca1c3cd0c64ded9aa5c025b57d095da94fc289e39d6cbc01d9a05a1b3f9f","size":8916,"data":"","first_seen":"2025-12-05T16:09:40.530176Z","last_seen":"2025-12-08T02:05:33.189664Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y837272d4-B0qAxtnX.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ba24b8fc4b37e4cc0d40578c1f0ca1f6","sha1":"e126eabb7373690ebdebf1ae91f5dbcdf3b9b3aa","sha256":"37feb5adf3fd0f1591360f21bdf15de1ac65a429bcb64aa271d31bfb624269b3","sha512":"d515aaf440f1114ab205ed26d0e4c6b308d7836ac0a89eae2316154dc4eb7554f1a5fe2cb55d4f667504a64f5f3c03980d8ef9dcf7f2ea269fd52606ac651a86","ssdeep":"","tlshash":"b651e18fd02610595f95cffcf87925173ae6c21a3dc2898863d4a43c41e4bc5227fba5","size":3071,"data":"","first_seen":"2025-12-05T16:09:40.514857Z","last_seen":"2025-12-08T02:05:33.258819Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c9a78706f-D5kRu3-Z.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"631cf49b186b7a33a9b6ffad20423bd4","sha1":"071af61edc9fc4cd238ae3b1df4f36636b82c862","sha256":"893c061736a907f2425378416f8d897ba83cc338cf57a2cfd6d369bce057b31e","sha512":"20bbfe2f8b868b148190113bf48445dcdbb487255a1431029e40dcfd106940c636fbd89a3c58cd7e8d4a88eb94826e754044217d26810086ad61ae6a659ab9f3","ssdeep":"96:cmARatOb/QIlnLp7hffez9YTGDQjzHQjPki8QjIIuzxJz6M9NzMmgUV+sszbCTMz:crXDPnPfez9YaYg8FIuz/6M9FMmgUV+3","tlshash":"13b194c5d0a9dafd0eff5ade2590c16273104e073c8bd934b2a54c2927b9c0661ab747","size":5340,"data":"","first_seen":"2025-12-05T16:09:40.517804Z","last_seen":"2025-12-08T02:05:33.301011Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6b06a621eacdea265e8b31100df2aac2","sha1":"4eee60ebe6e49a74b8017f61925cf990f5ae5856","sha256":"c1c224b1ccb6e1425f0a6803b9010db89ed2e4b4beed4664b1cc72681273823b","sha512":"901b3cf659be33ff8f81dcf5ab683c258ecaca86df95021a2958db8cd0bbf1cdf7247e8212d3fbaca8a1fca82bcec094cc01c1f433ef1e91c9674666aca77728","ssdeep":"","tlshash":"ca21968ba36a375c7c71e43c0a3c9c28810f48a0a4ed64195fc50e076601b0fb8f8ea9","size":1429,"data":"","first_seen":"2025-12-07T07:37:30.279034Z","last_seen":"2025-12-07T07:37:30.279034Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f8e170b30-DjVz2fK3.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"877a4b059f74a705b2de115eb6688409","sha1":"92bc1a38898a5659fb64674e658c3cf73308b291","sha256":"cb95167528fa227c36b9214fe3051fd97b8cd76273c9b4dc89dacf4dd2e8107c","sha512":"ec9574d86299702131282269ca2579e45c76647f1daeb8ff8a4e9775935db4837311a95f312b82b9593198b9437aa6487fa0c5cee4dae64d5fa5db5b3d362b87","ssdeep":"","tlshash":"e0f0c02b29f09f65841a226ec60711413678413b07cd8f5ae1fc073813796eedc54b87","size":551,"data":"","first_seen":"2025-12-05T16:09:40.540945Z","last_seen":"2025-12-08T02:05:33.208711Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f553d4-iQfUWSfc.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"adac4868245e31f9c6c7073afe32b83f","sha1":"77ee567d1fa32dde8b1301c3f80d8e014e9e7aba","sha256":"c8ef70f40f56ad45b2526de8ec7aa840984cc6e71b2cfc03e51d11aa80925b55","sha512":"27c99c058a3095f3cd9bc86445a5d7653d070dea50ea72d1194ca55b2b802d05898ad7650d3e104b05d2e313ead0d1aa7a264334c3591bb1c23b98179e1b826b","ssdeep":"","tlshash":"4201c0cfd6f09758880635ddca266053738011471f8e5f80f27d467947b25c9690fb07","size":721,"data":"","first_seen":"2025-12-05T16:09:40.557117Z","last_seen":"2025-12-08T02:05:33.273455Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","size":16490,"data":"","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-19T01:05:27.143438Z","times_seen":9149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4c1af0f7b285642bb8af9be1358ccdf","sha1":"99684de7c628cfb3226e2859359829cd59044f4f","sha256":"1232c8f0c830c49e369ad8e76abf02d09bf431195fc82201480edc1515c217db","sha512":"b474f80e218865474416415cc857664a6f1e0934a4aa82ab217111f4baba262f92b0b9b69c5e5eeff8677b28bed39967e8752d16310a6b2d3bb60bd431603fcf","ssdeep":"192:8r3c1SyRoFCbsFOEzBr4WuVuYoe21WUfcdova4EUAMRjlehEeVGcnW/RGGb5ao8o:8XCbPm0WuVuYoe21Wucdova4+MRj8hDY","tlshash":"d922d6463ee7f2412e2467b1c07b9111b3f25952316ab192b91b7522786108fc3f3fba","size":10465,"data":"","first_seen":"2025-07-24T08:17:40.839961Z","last_seen":"2025-12-09T05:17:14.075084Z","times_seen":1721,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k41c51d57-DXQZWQbb.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d8572cd748d7f9bba245ac2230c80bf2","sha1":"ea7cdff2eb2ca51e3e664dd3f3ef1c5078ac8060","sha256":"d7de9459707fa02872d928d4cbcebf108bc3d56431cadfe7e2e2e0b31bd2985f","sha512":"ec9e516b1bbf6d9d6025cc20d4276f144e3c8a3318fe44fa4f44ccdb24286bde9055eb00e1fb2d036c21beb259b8e196ba5e2ef931286fe3493c51177d779e21","ssdeep":"","tlshash":"4801fe8b95f92244801712ffd11692213558002b179d8ba7d5bc0f794325ddfaa15f57","size":689,"data":"","first_seen":"2025-12-05T16:09:40.52891Z","last_seen":"2025-12-08T02:05:33.33113Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f426dbbfd-BW2CXGv0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5139e6ef33fbc0a39f74a4fa3c650ba4","sha1":"72d1eb4288c2f2b84b66e28cab3a7e9b39448fa7","sha256":"c8e1f0b5ec7a172233cd0e329ae5663cbd837f4ea728beeee466fe9894af2bf7","sha512":"4880a8bdfdb08d77ce2b3131ecd86941a4197f132352f30e24529aec89d068db75266a88716ece8c407e23a7435a9b550a4f54b23f78533d48e35ad0bc6955c0","ssdeep":"","tlshash":"2b418459b1252b7cf00e095ef52d828bf05a7b8acb4dcaa0f0bc491917598856b46f84","size":2206,"data":"","first_seen":"2025-12-05T21:02:43.605058Z","last_seen":"2025-12-07T21:03:33.159343Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/cfb14299-BGMreeeV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"8506d4e19453aedbf3c1fc04342b89c9","sha1":"0e2bb5bdcf7088e8614858622e74e932b0c2fa2c","sha256":"184cd18e2112ed9660cd49257113c5aad97d659890668992cdc1635e21f374a1","sha512":"aea362c50d524712756f68f2889fc20a454c6d90196b625c6970314765b332c69bbca873363ba29779f6bcf904bb42f976a317349f70b3a85158398d0bd1b97e","ssdeep":"","tlshash":"a02100d1b6486b0ea53e3fddf0cb184036301123ce8d5683d2174722634fd49427dba6","size":1135,"data":"","first_seen":"2025-06-24T19:07:51.391409Z","last_seen":"2026-02-23T22:20:45.176058Z","times_seen":2159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9b308d2b60038830ad23a38fe7378d2","sha1":"ffff1b947bf97ed50c37cf709358ddbef1327e24","sha256":"fa4cd9592f1e4e853c12a8de14d6f85f6892fa44e799f6351efad08fdf29ae82","sha512":"423f6918b76e8a6344cd7eb7896b65aa65ffefcecbdc6d3abaef00ea4569c18db324ace0bb3df64c0e6950b57852df7b8d775d8ad706b31165605a39135ecfe5","ssdeep":"384:8MLg4o4MvMD9S2YVKqFnQ7cjuGys4+GISTZ4Ex3ly0eqnatI8MfZGpsuVe6:8MLghh92YVPFnQ7cCGys4+GISTZ4ExVm","tlshash":"a082ecd69f5316443b2ce752e2678121f65c6c80f3d8b630782e5a41e8d0cea8b775bb","size":19205,"data":"","first_seen":"2025-11-07T18:38:32.601423Z","last_seen":"2025-12-08T13:03:51.548614Z","times_seen":547,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a730f0b7e-uKiSnrbr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","size":421,"data":"","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p5eebd721-Dk30nYhZ.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"f871fab8c98a0316141a07833a0ebb90","sha1":"bdd745aeba9cd12df8fb3a124870a1f7b0da885f","sha256":"4ea346ee045556baa0b8b13da2576f92f4b7cd3daf0e89afc27ec8d297f9173d","sha512":"771d3f69a642981a0d1ee795367040aef76341fc1152a7aa74fc7d9d204ecc26175dd8e5c04af83161f2005116fd47b126ad903d3ef67e5183b8d5bef48f3096","ssdeep":"","tlshash":"9b211481b6b3907c07b516ece02b7382f1044e3617ccc6d0a17602351dd4d9f9c3061b","size":1353,"data":"","first_seen":"2025-12-05T16:09:40.546231Z","last_seen":"2025-12-08T02:05:33.356815Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b8a1d52-BiajN9FO.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"1230207082d1fd79098e2adc85455e1f","sha1":"e73a9f0ac4745f0eafda22639552ee8a783db7b5","sha256":"4b7b325771784fcabc2c5864f3086bc885051bb86023475658d6bc593285d4b6","sha512":"7257c25d3a3776bb72a9613cdb181ee351658f8b10076b2030e98d5bce09e95115c7a84688dac870bcff4a9b971eb31a054fd15d40827630a303e8937bfa3f58","ssdeep":"","tlshash":"80414403b132d2b55156688fcb61724ef6b097572ae8c9b4fc385c2053c958b8b2e339","size":2399,"data":"","first_seen":"2025-12-05T16:09:40.489443Z","last_seen":"2025-12-08T02:05:33.244959Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dac3d3ae-CKK3g8Qy.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"56a8e5fad9767f6d2f398a84e2581be4","sha1":"61daa7823cd70c0fc8dcbff31bb633584b813433","sha256":"e08faa69215f9a362c5c68e9200f73e626988c1a7a982442d22da1a42123d0a7","sha512":"74513569077c3b19a5dfc35c1bf27114a895b0e55a4e27402bb3dbf20b0c2f61a908a99d1fdcd08f6141fde972014d6d0952ad2c494530d1298da9c829fa9f93","ssdeep":"","tlshash":"73819459e4145bbc651f48fbe45290953a332365924cdab0e0fc46380b4caa6fb17fdb","size":3918,"data":"","first_seen":"2025-12-07T07:37:30.272206Z","last_seen":"2025-12-07T07:37:30.272206Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/u4afaad-BHiGkKjp.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d4a73aeb2dcc17cedbb506467e361350","sha1":"d2f0ced32a8053dd15684afae77bcafa746c0a23","sha256":"c204bf2008362658e3459e0c9a886b1e2054d139ee08486df602a6f50bf6c131","sha512":"e2952ef822aa455fa1f8e008bd3aebeff7d72942f1cb5d03f22011b91ca4e76a797f903c4e926c55b65d180a77606e84ba704879665b9f437dea5d349dfd97ba","ssdeep":"","tlshash":"dd3179f948a99c34b1cd85d4a6355b0333b9160734f89e56f26fc9a0115cc8f871673e","size":1870,"data":"","first_seen":"2025-12-05T16:09:40.533264Z","last_seen":"2025-12-08T02:05:33.240957Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c42073-L0QnNa0F.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"2f12ffdc4812bf8ffba3191a7a80d944","sha1":"136ac746475b0a4363adf4aec0be8ded0b7e2531","sha256":"d94d78e43c99e173f876c4c31ece3b32d157dd63c4257b151300db6e907ae6ca","sha512":"30a37df343787f42a056fb7b5874cde1b99b61706c211ddb2ebf04334ae727c6191f6874a0ae467a043e3d3ed2843651caa8f09aa623f25f976025136197ba8b","ssdeep":"","tlshash":"b3f0598965e44275a45d23ade3116a437a0910bb2bcc5fd1f13c07385385689a516f07","size":517,"data":"","first_seen":"2025-12-05T16:09:40.544895Z","last_seen":"2025-12-08T02:05:33.304158Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/z402a86a-Cjm_A2Ml.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"dff6d42b02ccd5340727e73c5d1836da","sha1":"8b48751e046b90df631a9a1014523522587cdb2f","sha256":"506083f7a518ebecf465a78f591c02649b8f46fd9d5500fab5d7a1f95e5fb783","sha512":"8a763c90d2d7c49f56125d7f8d9f5166d68eda8bd9e847979300add025f223d8752f510e41302b54d665bc39e530afdf5b24309c6b3d250acaf544d37f51365a","ssdeep":"768:tkVitNWwUonffuqh+gtjvbhMtBTBInlCDrIPPZBMGWATx+EuA/1fwyLYBnM4+41o:iV7wUkfhsBATx+EWbfad/efPwXGY","tlshash":"7d535f9ed2129fe989b31788b91c2a11b32d0d0ded4991a0ecdf0f16176ec87217b79d","size":60821,"data":"","first_seen":"2025-12-05T16:09:40.524494Z","last_seen":"2025-12-08T02:05:33.301825Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k74ebc6f-BlvsxabF.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"e20f05b1f173064da367b5f6b35893dd","sha1":"0b346d9676872391dd1c8ae457a7868a50afd968","sha256":"8ebc4524a14a478f26f9d8a5e1fc30d50c05ecc71d3a3b93abb834b691bed700","sha512":"55ca23a7486e5151ff9891b0edb662ac025b2018b528470e6c8456e2eabeef51dcf6db9b9e6aead0189a3b06b1bc42069f004df68bbc7335572c77b3ea02b2c0","ssdeep":"768:/55FCDDOqykJ7QNp4N70H1KcvXCyLHWxA9k/eWj8kcj6tKwtZHNMSgz6lDNwnfZY:/leqs7QX4qz4PNcj6ftZHNMSZ7","tlshash":"58534a687056203a03ef51e6e0bf6a4bf2346912e48dc644e356cef06fb469d4267f2d","size":63518,"data":"","first_seen":"2025-12-05T16:09:40.503089Z","last_seen":"2025-12-08T02:05:33.240222Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bf09db82-CjWSV7r0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"581bc37e59268ae6782f24036c9d7058","sha1":"360ad01c2af527129c5e978b5961dd738eda49ef","sha256":"61029332b5843096ba7c3eb81898386c9c040c6626d9e351727083c00e5c7562","sha512":"94e29bf1fe33a98a2a521c0f74ea0802cdd61fc382268870d2c4cc6cb0a8e2d53399c1ffc76722cdb497cc5ceca882947c2ac404b439297902931890ac9a68a1","ssdeep":"96:Yey0tP4hJu3f+xSK7VK21BppiV6sBoWO70ZD4PzrZ/UsABiBBaGmH:YL0SrbSK7V5B26sBhq0F4bZUbiBaGmH","tlshash":"a881c8cfa07551bda8da85dcc131e631337522d63048e2d0f05e0e3647aad4ba6aef4b","size":4156,"data":"","first_seen":"2025-12-05T16:09:40.539481Z","last_seen":"2025-12-08T02:05:33.362807Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"091fcea2ce8db1aa7fe44a4051e96b41","sha1":"4d1b368bcbddf456742d0abacd23ee510e609158","sha256":"433585662f852c8c76ded9e6f52054e1a120c78c7c0ecb8048fd3b99faa897f7","sha512":"765886ace161a524d53d770197f9f99de2c574df18129c8f32c3d4805f4680e2bd3c538527c6ed7e053b462fd1482e2eae75fcdf545bbeb795feff24d9c77d7f","ssdeep":"","tlshash":"14c02b9512f3e130f2a741c5c3cf32430000725602f841d351055c70401cc8a55a4f30","size":130,"data":"","first_seen":"2023-07-22T04:09:49Z","last_seen":"2026-04-19T02:32:56.85397Z","times_seen":9041,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"15505b2350e129b787d479f7507edee9","sha1":"09ccb3a84e7f25a30bf97594c9c98b6878fd4483","sha256":"53b6bbda82ae145cfc0fb1941cb035359d1c8b298798339cf53f5a543836ad65","sha512":"970991ac74c61bd2a25fe8a331be62b328d99d1f04b87a83cf50deda9d4d6b68a04403ba120796b1e2f9de04af78d640626fb95d2370907f4b626385f0562178","ssdeep":"","tlshash":"3a61947813111bb33ddda0a9dd286ec3dda51834859a887e784e5cf30658e4381bebb9","size":3462,"data":"","first_seen":"2025-06-11T22:43:11.360804Z","last_seen":"2026-04-19T02:32:56.854587Z","times_seen":8102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b46d2717-yhRMQGzE.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb242892f10b9ecb20353f6a9b1b4a9f","sha1":"372fe6b02efff3e53e5c03f8c4a4a66530d571d4","sha256":"82e127fbc5fd7b92c5f041efba6c1cc99c0d1e0b9e70fa130b9484c5806add6e","sha512":"2f5a448bc604731572ed2c5e0068ca7b67cc3580690e03e0a58a5e7ebe8749862521385843c46e28837920ec5ad9e41e4e554e5e18d28da77aeb56aa4bc12cff","ssdeep":"","tlshash":"2e71b8cdc9d5c434519f32de1024226076bd4e0b752d83c4e0bd0f398b5da4a9446b6b","size":3734,"data":"","first_seen":"2025-12-05T16:09:40.534525Z","last_seen":"2025-12-08T02:05:33.209583Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b541e60e-CXH_KT1m.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"71579a9e0c6a2e50f716bf01505c8201","sha1":"fd12c5ee385b3feaa04fb817a2ec61126407a38d","sha256":"ace21d6239186e534282679642e8bed71f36dd2fcaa08e5b51f3b9927fd8d5e5","sha512":"9ce3d599bfeeb671c3c5823b5c7ba960022cf74b25a590cd45e4a9fe1b7b0654cf83b8ad14f4061014945770acbd168b0539f282ebb66e3e5ee0163bee6f04e9","ssdeep":"","tlshash":"6241716d80b9c4b0c1956bdd8236f92230aa443b346cced5e23e8a3657bde8590b5736","size":2196,"data":"","first_seen":"2025-12-05T16:09:40.516338Z","last_seen":"2025-12-08T02:05:33.34109Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f77704d-Db0nWptw.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5dfb60deb17ad0fdbbfd225148e6fb0e","sha1":"95f5ebd5d30bd15a922ca8b82658621ffa0e9a3c","sha256":"99cd132dd55f2dc5b01e48a2cbd482b1747db2b3291b5a8a411c30f2eff36a91","sha512":"1230726a8d59449cee5354b3d52699fd8ac9edc13a99080f4646a2a3c5347eca9a98d27790a5f69bb89f7ccff57b931d9ae60ce189a6cc01c8fad9795664f709","ssdeep":"","tlshash":"003142df85604af9c45b85e6e21af6303369028b924cab45d0be1e301737d4bd629f47","size":1744,"data":"","first_seen":"2025-12-05T16:09:40.53576Z","last_seen":"2025-12-08T02:05:33.367382Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d5bb61-Dez3GIXP.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9020bbaa8041dda2254099efc97e07dd","sha1":"38e61f958c4cdb98117c4e2a156d1b2fdac6a3ed","sha256":"33fa65216ba51a8d9dca4f7cbfd28ed939ba079171258284eb479d36c138171c","sha512":"1d344e6ddd629982dbbf0f805f54aee3f760ab34801eda2d869f2765cbb9d5861a4946238048a5681809733280146e6cf786558574f4b68d119e10575d4b592a","ssdeep":"1536:Or2RivKGOUC9dpjXOnlVS+NLcgzAyOx+XuPqTeJcvmzhAQ8:OiRMnlM+NLcgzAye+XuPqKJcYF8","tlshash":"7563f98b3392a1145ba9409514ba0403e399fe9e705994d4f6ee54cefb8ccc5f27bb38","size":73302,"data":"","first_seen":"2025-12-05T16:09:40.513257Z","last_seen":"2025-12-08T02:05:33.26275Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/eed1a1dfc-D7_95yjL.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ffb7d8c0373d0c03f510aa4a2eacab2c","sha1":"155015154f32896f59051afc73c5c71e8f9c5121","sha256":"4efd106b96ce2bd541380878bbe0a6ab070b8dc1ce875415ae2aedfd7bb6cc59","sha512":"d06904b972ade16d4e28e0c959bbeb3c15da109afcf18507ca41f6e94c5253afad59968bda340d1db53a86d2616d09dc56be175826dbf512af99b4448a7a9e7e","ssdeep":"","tlshash":"2e51a60d426d24a950dccfebad32594dbbba6416698c3ca8fc2b4cdd034ed8cc21697d","size":3167,"data":"","first_seen":"2025-12-05T16:09:40.509873Z","last_seen":"2025-12-08T02:05:33.341905Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/s17118f09a-C3xGIlLX.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"03f05fb22649400a0182d46c8189dfe8","sha1":"3a95542e9f2abaff4986cb9c67ac19663055144c","sha256":"98687d7e07f391ca5972515db8ef829157b2be4c0f854b17ace8852d2f69a4f6","sha512":"8805a4ade7fca6f9b0737bf82ac70e58bde57ffe10746aee7ada8e9619cb8f3c1de1ff0cccb82013cae6d82f39149956fdc0f1ceabb218efb4ab9796b9ddf3bc","ssdeep":"","tlshash":"fb11354abba42c2d40151dedd014f421410651ab27d48fd6e07e967c2f3decd7d12b17","size":1060,"data":"","first_seen":"2025-12-05T16:09:40.505809Z","last_seen":"2025-12-08T02:05:33.260447Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba0f4e77cb3d1968e8bb09e81cc6345e","sha1":"c3dabda4cfc7ed18627ba989f8ae8766b1ce4933","sha256":"7885d6bc09b192bdb9d4b2599239e210ae4b70f1773646a96c97a9a21c184487","sha512":"57baf1a1c836348e36fb6c38e649c142601110dd231faea9bc2a5c9c653c4b014dc4d02b3bbd7dad06a67eb2418bde568ca6f698086f9ce179718b5b1c56261a","ssdeep":"","tlshash":"f3c02bd612f36130f3ab40c7838f31c300207016027840d351014c70101c4494594e30","size":130,"data":"","first_seen":"2023-07-23T05:20:44Z","last_seen":"2026-04-19T03:10:45.026942Z","times_seen":6972,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l308af9e-CoUdx279.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b90e49bb1b064e21c9e7f4ec9d66a522","sha1":"d7f2300b7b0b0a32fe4af52ee4ab87a39035fd7e","sha256":"e063b784f6fd01cae8cbed83eb2e35ac1378bd973c4c55a2bfea1f571c5c8d70","sha512":"1445f2b733f367e2aff6d0d76ed7b45fa09bfa34d53417bd323d42a0ec5fd229dc78e1a0c4be0c6904778acb22908f3b6b0799b7c061f37282dd35e7892884ee","ssdeep":"","tlshash":"0211448f41f06be6845b1adfd221a513358804632bccefc1d5fc1f38076199a2521f8b","size":929,"data":"","first_seen":"2025-12-05T16:09:40.553174Z","last_seen":"2025-12-08T02:05:33.348012Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1235\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1235,"data":"[{\"app\":\"landings\",\"event\":\"adex_script_load\",\"usid\":\"19af7be258c4fede0bcbcd\",\"sub_id\":\"1021434726589936141\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"luck-chest\",\"event_source\":1,\"ymid\":\"1021434726589936141\",\"request_var\":\"keitaro_9009489\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ\",\"source_zone_id\":10048479,\"config_id\":1848,\"build_version\":\"v0.0.608-verticals\",\"landing_load_date_time\":\"2025-12-07 07:37:05.000584 +00:00\",\"vertical\":\"igaming\",\"events_history\":[{\"timeStamp\":1765093025162,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765093025583,\"event\":\"adex_init\",\"timeOrigin\":421},{\"timeStamp\":1765093025595,\"event\":\"load\",\"timeOrigin\":12},{\"timeStamp\":1765093025721,\"event\":\"adex_script_load\",\"timeOrigin\":126}]}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 0a68a3b4b8691e145ceba0663e8233b8\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T03:33:37.326717Z","times_seen":121520,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f77704d-Db0nWptw.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/f77704d-Db0nWptw.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-6d0\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1744,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1743)","md5":"5dfb60deb17ad0fdbbfd225148e6fb0e","sha1":"95f5ebd5d30bd15a922ca8b82658621ffa0e9a3c","sha256":"99cd132dd55f2dc5b01e48a2cbd482b1747db2b3291b5a8a411c30f2eff36a91","sha512":"1230726a8d59449cee5354b3d52699fd8ac9edc13a99080f4646a2a3c5347eca9a98d27790a5f69bb89f7ccff57b931d9ae60ce189a6cc01c8fad9795664f709","ssdeep":"","tlshash":"003142df85604af9c45b85e6e21af6303369028b924cab45d0be1e301737d4bd629f47","first_seen":"2025-12-05T16:09:40.53576Z","last_seen":"2025-12-08T02:05:33.367382Z","times_seen":36,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bcc897c3-D6QogqMN.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/bcc897c3-D6QogqMN.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-1d2\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":466,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (466), with no line terminators","md5":"e4239467a216a0a1562222a04968db75","sha1":"23a2c2824a3a26cd1437f39945fadacd4f0001c8","sha256":"f6321d5fb221ca1c83017c31c3aab4e3219d3441d9607a0639f3938e969d7f9e","sha512":"5fbaed3523b65e4f5ab17aa4ad7f86077027b5c756918bb413cc2efda674dcf13ffb23aa4ffd6afa1debe6133d8449a13a09571c902a35401ec6a5c075753959","ssdeep":"","tlshash":"1df027860af14a66824e239ec162644176a801b7228d9f60f1790a3e63399aea420347","first_seen":"2025-12-05T16:09:40.531568Z","last_seen":"2025-12-08T02:05:33.372843Z","times_seen":42,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e0ff58-BeE8sx2L.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/e0ff58-BeE8sx2L.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-22d4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8916,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8915), with no line terminators","md5":"1f56d82327ca867fe9eebc1672124715","sha1":"df430c0fc26415d0c6fa48284b6c6ff5d0e62709","sha256":"61dcda43ba60852ac783d0cb495defedf0bbdccb5a2994c95d6c21a60a9e417b","sha512":"afe96e6ec0f271e958656fe30c9e52136fa07af2905f46659ac53c67123578f049e2fc527eed64f662797bf2c4819a82fbb02d01777682b908327c54ed1d705e","ssdeep":"192:g6M4n3qZbkPYQqyFq84dgnlwAt1EIsOeDvdX3DrsA/Oc180RNXyWveP2:g6M4n3mbkPYQqyFq84dgqAt1EIsOeDlb","tlshash":"f5023a98b0ca1c3cd0c64ded9aa5c025b57d095da94fc289e39d6cbc01d9a05a1b3f9f","first_seen":"2025-12-05T16:09:40.530176Z","last_seen":"2025-12-08T02:05:33.189664Z","times_seen":42,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/r7ad0624-CuaqR7Jg.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/r7ad0624-CuaqR7Jg.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-6d7\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1751,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1750)","md5":"816ff16dc7191e5669629827507343ce","sha1":"b1766b20b6bd14f5343b50c18df5566c13463be8","sha256":"df14ba53c18653f20cc9326e2e39ec7093839fb94c842b8d15a2a786c1ddb3c0","sha512":"275b12275ec536189abf507d45b34a47db11b8152768e929bc5c70242f04816783e785c04a445ce5f50bf7af8e3921f9e48bb9dd6257ca65ab1e8d122463f6b5","ssdeep":"","tlshash":"b3312c8d26f22971806928ddf6377181b07a11a2714e99d0c03d8e767aad9cfc67268f","first_seen":"2025-12-05T16:09:40.492169Z","last_seen":"2025-12-08T02:05:33.215912Z","times_seen":42,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k5b23b00e-_4JC36d1.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/k5b23b00e-_4JC36d1.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-ab6\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2742,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2741)","md5":"ebfb97bcda29adf309683f1c8216ecb9","sha1":"20939c655ec8d3f27d4cc2fd017188438b6a33b4","sha256":"2381164265b09520c872fc8a3cb1cabf08cda500fdcf2ebc37908d1e6c3a6085","sha512":"fcecd61919f2eb8917c9ac0642a1fbb5738fd9781885bbc6b463aa956cf83011e5abdeb72a45751481935b51566157d57ef39b9eba579679ef0bee73110d8c46","ssdeep":"","tlshash":"fb51747f8488a8b9095db19ec636d1a32e1828523c19c5e1e4bd4d1d57e6086e03ef67","first_seen":"2025-12-05T16:09:40.511487Z","last_seen":"2025-12-08T02:05:33.322634Z","times_seen":42,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g42f5562-DirpylvO.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/g42f5562-DirpylvO.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-63e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1598,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1597)","md5":"d6b1d932d7669485a416c47e62813691","sha1":"bcd536ce5095c0a24bdb30d2706f42219aec6fb8","sha256":"04487adadecf57277c33b073ca69fe71df323a1324d09f7f7e836f011d22daee","sha512":"60ff632e05f9317ae4246c6f87a90ec4f641eba887da2e0a1b54ccb9d5d7cd9a023103a149ad3ce565db102fa6863c5585e53643def41ebe7c22f022f0087485","ssdeep":"","tlshash":"1431334e71b452fc90ab45aec175ea222315022b715cebd0a03e8f342779e8e6917747","first_seen":"2025-12-05T16:09:40.537084Z","last_seen":"2025-12-08T02:05:33.227239Z","times_seen":25,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d4696f29-DPoFR-Qs.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/d4696f29-DPoFR-Qs.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-c9f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3231,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3230)","md5":"23015f911bf594409c8dd1de5c8047a5","sha1":"5c433eec0a43223dc219087f2a7511ee521fb4f1","sha256":"34e4f44fef830af586d98c806f050c440c403fcf596468bf953c4c1dfb7d1627","sha512":"299c2f0b4f4b1e2e15c2d5eb9abeece74eaa4e0fc573369f705ce46fa49cb78459e9263b71051f5d3d42d7acdd265c6000a6380cef20ecc00366f8849c18141b","ssdeep":"","tlshash":"6961326951b93b6f4c6f27f2420dc10e1e2e5c8ba489c630ad5b8b2cf95848c38b1b61","first_seen":"2025-12-05T16:09:40.555001Z","last_seen":"2025-12-08T02:05:33.360823Z","times_seen":42,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p5eebd721-Dk30nYhZ.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/p5eebd721-Dk30nYhZ.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-549\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1353,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1353), with no line terminators","md5":"f871fab8c98a0316141a07833a0ebb90","sha1":"bdd745aeba9cd12df8fb3a124870a1f7b0da885f","sha256":"4ea346ee045556baa0b8b13da2576f92f4b7cd3daf0e89afc27ec8d297f9173d","sha512":"771d3f69a642981a0d1ee795367040aef76341fc1152a7aa74fc7d9d204ecc26175dd8e5c04af83161f2005116fd47b126ad903d3ef67e5183b8d5bef48f3096","ssdeep":"","tlshash":"9b211481b6b3907c07b516ece02b7382f1044e3617ccc6d0a17602351dd4d9f9c3061b","first_seen":"2025-12-05T16:09:40.546231Z","last_seen":"2025-12-08T02:05:33.356815Z","times_seen":42,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1097\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1097,"data":"[{\"app\":\"landings\",\"event\":\"adex_init\",\"usid\":\"19af7be258c4fede0bcbcd\",\"sub_id\":\"1021434726589936141\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"luck-chest\",\"event_source\":1,\"ymid\":\"1021434726589936141\",\"request_var\":\"keitaro_9009489\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ\",\"source_zone_id\":10048479,\"config_id\":1848,\"build_version\":\"v0.0.608-verticals\",\"landing_load_date_time\":\"2025-12-07 07:37:05.000584 +00:00\",\"vertical\":\"igaming\",\"events_history\":[{\"timeStamp\":1765093025162,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765093025583,\"event\":\"adex_init\",\"timeOrigin\":421}]}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 9e37fdfebb763404a0c2fdb147072bea\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T03:33:37.326717Z","times_seen":121520,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?userId=hl4vlvuvcrsir90wgi9fs5r9xvmdvuv","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js?userId=hl4vlvuvcrsir90wgi9fs5r9xvmdvuv HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://cdn.ak2yy.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=hl4vlvuvcrsir90wgi9fs5r9xvmdvuv; expires=Mon, 07 Dec 2026 07:37:05 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9aa25b1269a156b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"52716dc98662bbc001b2d11f482b9695","sha1":"c5f1487306b6450726879cffaaf9cf0caae24167","sha256":"7d7e5f1f852d7967e47330d7f03552c97cc166b85f097bb8f359e3604294e676","sha512":"9a951336813f052219032ca0cbd56b376bb1a6e180d402804e214aa93677c354f768f1c0dd6da799d95435ee93d25ee69e12dd797bdf81e8c085354669485da4","ssdeep":"","tlshash":"75a002d0d9a44ec884004b595ac68b81840801a99615e20c4dd895a65fdb14c188f20c","first_seen":"2025-12-07T07:37:30.24773Z","last_seen":"2025-12-07T07:37:30.24773Z","times_seen":1,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":69,"dns":33,"connect":1,"send":0,"wait":40,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T07:37:04.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:04 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:04 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]}],"data":{"size":77959,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"5c485bce69d1b1f3a9aef95d9d7beae8","sha1":"dbf437bd44444e534dfbeb8b22b19d41109183b5","sha256":"17bbeb7233089ccfe9b3f8c72fd4c2ff86c7d4bc563b618f701e7d0269df40e3","sha512":"99978f45b2147b0b8d3eb88c59ff1f35048eba916a2309712ad0faf667e385a33c31ce7e36d7a0b7ed9f414d526fd2a8474107f16ffccac50a6c55b90a97b12f","ssdeep":"1536:3r0ofqbMhhpCGyKGhoqaMqKHRUNMaMzHhBTiLOwhti9JUjvvcSf7FNL79nQ3:35frfbvMqKHRUNMaMzHhBTiN3i9JUoQ4","tlshash":"24732b4a8fb3012a3d2db3b2d0a2f714b21bb787f7b977f16816111096d15da2b73a50","first_seen":"2025-12-07T07:37:30.249845Z","last_seen":"2025-12-07T07:37:30.249845Z","times_seen":1,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":141,"dns":94,"connect":19,"send":0,"wait":37,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b46d2717-yhRMQGzE.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/b46d2717-yhRMQGzE.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-e96\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3734,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3734), with no line terminators","md5":"eb242892f10b9ecb20353f6a9b1b4a9f","sha1":"372fe6b02efff3e53e5c03f8c4a4a66530d571d4","sha256":"82e127fbc5fd7b92c5f041efba6c1cc99c0d1e0b9e70fa130b9484c5806add6e","sha512":"2f5a448bc604731572ed2c5e0068ca7b67cc3580690e03e0a58a5e7ebe8749862521385843c46e28837920ec5ad9e41e4e554e5e18d28da77aeb56aa4bc12cff","ssdeep":"","tlshash":"2e71b8cdc9d5c434519f32de1024226076bd4e0b752d83c4e0bd0f398b5da4a9446b6b","first_seen":"2025-12-05T16:09:40.534525Z","last_seen":"2025-12-08T02:05:33.209583Z","times_seen":42,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b8a1d52-BiajN9FO.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/b8a1d52-BiajN9FO.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-95f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2399,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2398)","md5":"1230207082d1fd79098e2adc85455e1f","sha1":"e73a9f0ac4745f0eafda22639552ee8a783db7b5","sha256":"4b7b325771784fcabc2c5864f3086bc885051bb86023475658d6bc593285d4b6","sha512":"7257c25d3a3776bb72a9613cdb181ee351658f8b10076b2030e98d5bce09e95115c7a84688dac870bcff4a9b971eb31a054fd15d40827630a303e8937bfa3f58","ssdeep":"","tlshash":"80414403b132d2b55156688fcb61724ef6b097572ae8c9b4fc385c2053c958b8b2e339","first_seen":"2025-12-05T16:09:40.489443Z","last_seen":"2025-12-08T02:05:33.244959Z","times_seen":42,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y837272d4-B0qAxtnX.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/y837272d4-B0qAxtnX.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-bff\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3071,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3070)","md5":"ba24b8fc4b37e4cc0d40578c1f0ca1f6","sha1":"e126eabb7373690ebdebf1ae91f5dbcdf3b9b3aa","sha256":"37feb5adf3fd0f1591360f21bdf15de1ac65a429bcb64aa271d31bfb624269b3","sha512":"d515aaf440f1114ab205ed26d0e4c6b308d7836ac0a89eae2316154dc4eb7554f1a5fe2cb55d4f667504a64f5f3c03980d8ef9dcf7f2ea269fd52606ac651a86","ssdeep":"","tlshash":"b651e18fd02610595f95cffcf87925173ae6c21a3dc2898863d4a43c41e4bc5227fba5","first_seen":"2025-12-05T16:09:40.514857Z","last_seen":"2025-12-08T02:05:33.258819Z","times_seen":42,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d5bb61-Dez3GIXP.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/d5bb61-Dez3GIXP.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-11e56\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73302,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9020bbaa8041dda2254099efc97e07dd","sha1":"38e61f958c4cdb98117c4e2a156d1b2fdac6a3ed","sha256":"33fa65216ba51a8d9dca4f7cbfd28ed939ba079171258284eb479d36c138171c","sha512":"1d344e6ddd629982dbbf0f805f54aee3f760ab34801eda2d869f2765cbb9d5861a4946238048a5681809733280146e6cf786558574f4b68d119e10575d4b592a","ssdeep":"1536:Or2RivKGOUC9dpjXOnlVS+NLcgzAyOx+XuPqTeJcvmzhAQ8:OiRMnlM+NLcgzAye+XuPqKJcYF8","tlshash":"7563f98b3392a1145ba9409514ba0403e399fe9e705994d4f6ee54cefb8ccc5f27bb38","first_seen":"2025-12-05T16:09:40.513257Z","last_seen":"2025-12-08T02:05:33.26275Z","times_seen":42,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f553d4-iQfUWSfc.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/f553d4-iQfUWSfc.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-2d1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":721,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (720)","md5":"adac4868245e31f9c6c7073afe32b83f","sha1":"77ee567d1fa32dde8b1301c3f80d8e014e9e7aba","sha256":"c8ef70f40f56ad45b2526de8ec7aa840984cc6e71b2cfc03e51d11aa80925b55","sha512":"27c99c058a3095f3cd9bc86445a5d7653d070dea50ea72d1194ca55b2b802d05898ad7650d3e104b05d2e313ead0d1aa7a264334c3591bb1c23b98179e1b826b","ssdeep":"","tlshash":"4201c0cfd6f09758880635ddca266053738011471f8e5f80f27d467947b25c9690fb07","first_seen":"2025-12-05T16:09:40.557117Z","last_seen":"2025-12-08T02:05:33.273455Z","times_seen":42,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c9a78706f-D5kRu3-Z.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/c9a78706f-D5kRu3-Z.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-14dc\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5340,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5340), with no line terminators","md5":"631cf49b186b7a33a9b6ffad20423bd4","sha1":"071af61edc9fc4cd238ae3b1df4f36636b82c862","sha256":"893c061736a907f2425378416f8d897ba83cc338cf57a2cfd6d369bce057b31e","sha512":"20bbfe2f8b868b148190113bf48445dcdbb487255a1431029e40dcfd106940c636fbd89a3c58cd7e8d4a88eb94826e754044217d26810086ad61ae6a659ab9f3","ssdeep":"96:cmARatOb/QIlnLp7hffez9YTGDQjzHQjPki8QjIIuzxJz6M9NzMmgUV+sszbCTMz:crXDPnPfez9YaYg8FIuz/6M9FMmgUV+3","tlshash":"13b194c5d0a9dafd0eff5ade2590c16273104e073c8bd934b2a54c2927b9c0661ab747","first_seen":"2025-12-05T16:09:40.517804Z","last_seen":"2025-12-08T02:05:33.301011Z","times_seen":42,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c42073-L0QnNa0F.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/c42073-L0QnNa0F.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-205\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":517,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (516)","md5":"2f12ffdc4812bf8ffba3191a7a80d944","sha1":"136ac746475b0a4363adf4aec0be8ded0b7e2531","sha256":"d94d78e43c99e173f876c4c31ece3b32d157dd63c4257b151300db6e907ae6ca","sha512":"30a37df343787f42a056fb7b5874cde1b99b61706c211ddb2ebf04334ae727c6191f6874a0ae467a043e3d3ed2843651caa8f09aa623f25f976025136197ba8b","ssdeep":"","tlshash":"b3f0598965e44275a45d23ade3116a437a0910bb2bcc5fd1f13c07385385689a516f07","first_seen":"2025-12-05T16:09:40.544895Z","last_seen":"2025-12-08T02:05:33.304158Z","times_seen":25,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1028\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1028,"data":"[{\"app\":\"landings\",\"event\":\"start\",\"usid\":\"19af7be258c4fede0bcbcd\",\"sub_id\":\"1021434726589936141\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"luck-chest\",\"event_source\":1,\"ymid\":\"1021434726589936141\",\"request_var\":\"keitaro_9009489\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ\",\"source_zone_id\":10048479,\"config_id\":1848,\"build_version\":\"v0.0.608-verticals\",\"landing_load_date_time\":\"2025-12-07 07:37:05.000164 +00:00\",\"vertical\":\"igaming\",\"events_history\":[{\"timeStamp\":1765093025162,\"event\":\"start\",\"timeOrigin\":0}]}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: c37d954d16d4149e018a332062ec10e0\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T03:33:37.326717Z","times_seen":121520,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f8e170b30-DjVz2fK3.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/f8e170b30-DjVz2fK3.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-227\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":551,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (551), with no line terminators","md5":"877a4b059f74a705b2de115eb6688409","sha1":"92bc1a38898a5659fb64674e658c3cf73308b291","sha256":"cb95167528fa227c36b9214fe3051fd97b8cd76273c9b4dc89dacf4dd2e8107c","sha512":"ec9574d86299702131282269ca2579e45c76647f1daeb8ff8a4e9775935db4837311a95f312b82b9593198b9437aa6487fa0c5cee4dae64d5fa5db5b3d362b87","ssdeep":"","tlshash":"e0f0c02b29f09f65841a226ec60711413678413b07cd8f5ae1fc073813796eedc54b87","first_seen":"2025-12-05T16:09:40.540945Z","last_seen":"2025-12-08T02:05:33.208711Z","times_seen":42,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k41c51d57-DXQZWQbb.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/k41c51d57-DXQZWQbb.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-2b1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":689,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (688)","md5":"d8572cd748d7f9bba245ac2230c80bf2","sha1":"ea7cdff2eb2ca51e3e664dd3f3ef1c5078ac8060","sha256":"d7de9459707fa02872d928d4cbcebf108bc3d56431cadfe7e2e2e0b31bd2985f","sha512":"ec9e516b1bbf6d9d6025cc20d4276f144e3c8a3318fe44fa4f44ccdb24286bde9055eb00e1fb2d036c21beb259b8e196ba5e2ef931286fe3493c51177d779e21","ssdeep":"","tlshash":"4801fe8b95f92244801712ffd11692213558002b179d8ba7d5bc0f794325ddfaa15f57","first_seen":"2025-12-05T16:09:40.52891Z","last_seen":"2025-12-08T02:05:33.33113Z","times_seen":42,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l308af9e-CoUdx279.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/l308af9e-CoUdx279.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-3a1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":929,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (928)","md5":"b90e49bb1b064e21c9e7f4ec9d66a522","sha1":"d7f2300b7b0b0a32fe4af52ee4ab87a39035fd7e","sha256":"e063b784f6fd01cae8cbed83eb2e35ac1378bd973c4c55a2bfea1f571c5c8d70","sha512":"1445f2b733f367e2aff6d0d76ed7b45fa09bfa34d53417bd323d42a0ec5fd229dc78e1a0c4be0c6904778acb22908f3b6b0799b7c061f37282dd35e7892884ee","ssdeep":"","tlshash":"0211448f41f06be6845b1adfd221a513358804632bccefc1d5fc1f38076199a2521f8b","first_seen":"2025-12-05T16:09:40.553174Z","last_seen":"2025-12-08T02:05:33.348012Z","times_seen":42,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j2f01ce1f-C6c7-uXw.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/j2f01ce1f-C6c7-uXw.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-10d4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4308,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4307)","md5":"bd1efcd17d50e6dcd539948acd4bb5af","sha1":"2ecae60b1e01deed16bcd2a801ce5d69df89fe19","sha256":"5f8403460f00b0f796347ad61333b217359150b5c7f44191cebf9dd032796195","sha512":"618a976c96a341467f4cddc6a914200e1d40d49370fdccc11e88824c0dc93c8691e96c5c8dbdf734f0c9702bbbb0f29f3f7eeec33e7ba72580e8c4018751eadc","ssdeep":"96:bSOFUzz6zuxzFo4Bb9QQMqgNSZsH/0sxRq2:bS8UzGSzFXB1BlZc0qg2","tlshash":"d291348fb47924fc7697c69aa173d1931a3b211a2d89c1f4e4d74f390760248a33bb47","first_seen":"2025-12-05T16:09:40.522963Z","last_seen":"2025-12-08T02:05:33.210411Z","times_seen":42,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/favicon-96x96.png","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /favicon-96x96.png HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 6015\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: \"69330062-177f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6015,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, interlaced","md5":"cacd53100e7d31ae7b404a98e84ffe07","sha1":"f847c273bcf0e46bf55210e2ad9c98f108a16f6a","sha256":"9a13272a282dbcb3640a3e39a2bb1ba96c6ba5c7ff730d84d7d9ddd8a291724c","sha512":"d1717a6c9a90c6cc084d0f976d1cfed82d73fe08cdc280c97b680d60628090975de5da35c0dd32cb9f1205b4522dba9977c3ba7cb9d8a97770fc1a5b38b17b25","ssdeep":"96:pq0fSwKYPmvGmB6J3vW2/EPL1albpwAxLmkEfeU37ICI2FidSryKfOZCepkOpZNr:pq+SwKYPmvV69lcPL1a3wKmk2evCdQd9","tlshash":"75c18d96cd231027da329832247307cecd4af43bd9922395629205a61fd9c8caf8e793","first_seen":"2025-10-06T18:06:11.210074Z","last_seen":"2026-03-26T17:02:07.818752Z","times_seen":1027,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=d49b4edf-534c-4f95-bed5-231daf619fbc","fqdn":"datatechonert.com","domain":"datatechonert.com","tld":"com"},"ip":{"addr":"185.49.145.45","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"datatechonert.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Dec 2024 00:00:00 GMT","end":"Tue, 23 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"ED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72","sha256":"A3:45:F2:05:D1:B6:89:92:B3:05:C2:75:20:48:5F:3C:AA:EB:B3:A9:32:5E:CF:38:C4:37:CD:C0:B9:57:CA:E8"}}},"request":{"raw":"POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=d49b4edf-534c-4f95-bed5-231daf619fbc HTTP/1.1\r\nHost: datatechonert.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1858\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1858,"data":"L\u001bRR\u001f\u001c\u0026\u001c\u0014\u0005g\u001f\u001cK\u0012\u0003\u0001\u0005P\u000eL_\u0003\u000e\u0011\u001aX\u0016\u0010JO@T\u0005\u000fT\u0011\u0003\u001e\u000eP\u0018L\u001fA\u001b\t\u00147\u0001\n\tWN\u001a\u001b\tICP_[^\u0016\u001a\u0017X\u001b\t\u0006VF\u000e\u001fWX\t[A\tMH\u0019\u0003P\u000e_]\u0005\r\u001f\u0014\r\r\u000eJOS\nQI\u0015C\u001d\u0007\u0003P\u000e_]\u0005\r\u001f\u0014\r\u001c[REN\u001a\u001e\u0000\u001b[ZBI\u001bLLW\u0007\u0015\u0011A\u001c\u0007[REN\u001a\u001a\u0018QCP_[@\u0000BODQ\u0011\fKTK\\Y@K\u001e[\u0003PXV[^\u0016\u001d\f@\u001b\t\u0007H\\IDW\u0016K6\u001d\\\u0015\u000f\r\u001f\u0017PLW\u0007\u0015\u0011\\\t\u0011\u0018JO@u\u0006\u0003P\r\u0006\u000fDG\u001a^M\u001fnZX\u001e\u000b\u000e\u001bU,lIH\tOZUK%]\u0000[\u0003\u0002\u0013NLPBH\u0007\u0014\u0002XJ\rOZGK5Q\r\u0006X\u0016\u0001\u0006KTIYES\u0018/\u0010K\u0004\f\u0001\u0013]\u0005]Y\u0019\t\u0011\u001aX\n\tJOS\u0014K\t]CPL\u0002\u001c@\u000b\u001fYX_\u001b\n\u0000\u001fE\u0003\u000b]\u001e\u001cK[\u0003\u001d;;\u000f\u0007\u0003C\\AX\u001b\bT\u0018\u0011\u0004\u0015\u001f\u0010\\\u0016\u000f\u001cQ\u001bG\u003e$\fP]B\u001f\u0016\u0017\t\u0019OH\r\u001f\u0014\u0017\u0003\u000b\u001c\u0017FT\u0004Diz\r\u0013\n\r\r\u0007\fY\u0005TI\u0005\fC\u001d\u001bQ\u0019\bE\u0003ZE*-B\u0001\u001b\u0016]\u001b\u0017X\rG\u001e\u000f\u0014\u0019\u0018\u0004RNVD@\r\n8\u003cY\u001aE[L\b\u000eLQ\u001cA\u0002\u0001\u001b\u001bWD\u001cFCJWN\u001a\u0019\u0015\u001b[H\u0006\u001f\u0006D\u001dW\u0018\u0016PR\u0014J\u0018\u0003G\u001bAG\u001aV\fE\u0002\u001e\u0011_C\u000e_\\@BUUA\\MM\\\fWQ\u0015\u0007\u0002T\u0010\t\\Y\u0001\t\n\u0001L\\_\u000b\u0014\u000fH\b\u0010^\u000f\u0003\nVK\rVU\u0004\n\u0004\u0010\u001f\u001c\t\u0001\u0007\u0007KTH\u000eW_^RA\u0005ZY\u0011PC\u000bBUWYCW\u0016\\K\u0017WXH\u0006\u0016\u0001S\n\u0001nZc\u0010\f,_3\u000bZ\"Jw$3\u001d\u001c8A/KZ]\u0006\nY))\u0011\u0015\u003e0m'\u003cW93c\u0016)^\u000f\u0006T2\u0003_\u001bHS\b[H\rR^YYD\u0001VT\u000e\n\u0005\u0007NU_\u001b\u0012_B\u000e3\t\u000eS9\u0019\u003c@_\"a\nFt\u0012\u0012\u003c'?#\u001e\u001a\u001eP\\\u0007\u0003Z@l\u0019ZPHzC\u0016;\u000b)E\u001a^05J\u0006L\u001d\f\u0002\t\u0004Uu_Eu4)\u00110\u0003.VQ\u0026PX\u0001*\u0006-uH\u001ePK\u000eO=,2\u000e\u00163\fY6oW\"-4\u0015\u0004 \u000f\u000f@r\u0010\t\u0003\rUDU\u000e\\I\u0000S_Z_TG\t\u0018\nWFl\u001f\u001d\u0017\u001f2Ou(\u000bf\u0003Z\u0016\n\u001c^9\u0026P\u001f@E\u0011Y\u0018\n\u0013\u0007]_L\u000bV\f]\u000f\u0011U_T\u000e\u0001\u0001PJP\u001a\\\u0010T[\rK\fX[H\u0018\u0004U\u001cP\u0006\u000e\u0005\u0003J]K]AV\u001e\u001f\u0018K\\\u0001\u000b\u0002\u0006U\u001c\u0002h\u0000\u0003\u0006CPAQS\u001bU\u0000\u001d\u0004PZ\\ZF\u0007ZZ\u0005\u000f\u0006\u000eC]J^DV\tO\u0003\u0004PZ^_J\u0000YT\u0011CWS\u0011\u0016D\n\u0005QH;\u001fJ79\t(BU7\u0026TV\\@3-(N\u000f\u0006]\u0002\u000bp\u0011W\r\r\u0011x\u0026!Cfp\u0005L1\u0011\u0001\u00264W\u0004-U\u000b;LGPZ\tO\r\t\u001f\u0014\u000e\u001e[RW7l*[\u0015C\u0004\fIH\u0005BOYXC\u0014@F.\u0001\u001bQ\nKU\u001b\u0011\u001eLQB\u0018L\bAX_\u0014@WNDW\n[KC\rYFL\u000f\u001f\u0016T@\u0006\u0015\u0011D\u000e\u0010[RXS\u0014K\u001aQ\u003e\u0005\f\u0001P\u000e^A\u0015WD\u0014@UUJ\u0002\u0006\u001aS\u001fX\r\u0019\u000bGP[\u001d\u000eGL\u0011\fX(\u0010\u0006\u0000\u001a\u0018\u0011A\u000f\u003e\\ZI^\u0016\u0006\u0004S]VXX^\u001f\t\u0019\u0011]E[Z\t5\u0001\t\u0018k\u0007\u0003S\\K\u0014@IHDW\u0015Q\u0007\u0026R\u0004\u0013\u001d4\u001eQ\u0000\nCQ\u0011\fHVMDW\u0001W\u0005\u0016K\u003e\u000e\u000b\u001b\u0006\\LW\u0005\r\u001f\u0014\f\u0001\u0017\f\u001a\u0010\u001aS[\u001bMH\t\n\u001fQ\u001e\fSJ\u0011\fJH[\u0006\u0019@\u0002K\u001cWL?=I^\u0016\u0000\u0001D\u001b\t\u0014\u001f\nT=\u0026N]\u0007[\u0015C\t\u0001\u0007\u001dF1\nVTFBX^[\u001b\u0007\u0005ZKU\u001b\u0011\f\u0002IH\u0016LA\u0015Z_BX^\u0002\u0015Y@H\u0005\u0018M\u0007\u0005\u001c\u0006-P\u000b\u0019RZGY\bFC\u0013W\u000bK6\u0018W\u0005\u0018\u0001\u0002\u0016\u0016T\u000bVU@SVF\u0010\u001b*\u0016J\u0000\u001d\\\u000f\u001eLQ\u0014U\u0002\u001eR\u0015\u0011_\t;\u001a\u0000\u0007\rU\u0000\fT\u003eRX4\u001dF1\u0003RNVDX^\u001f\t\u0019\u0011]E[P\u00125\r\u0003\u0000[\u0003\u0004BT\u0011\f\u001c\u0005\u0015\u001b\u0010N\u001a\u0000\nf\u0004\u000e\t\u000eP\u000e\b\f[JV\u001aX\r\n7\u0012\u0007[\u0002\u0016\u001b[\u001e\u001c\u001e\u0017\u0018L\u0004DfDS\u0018;\u0012\u0001\u0001@\u0002\u000f\u0018U\u0012\u000fBI\u001bG1\u001aR[l]\u0013\u0010\u0026^ETg\u0006\u000bf\u000f\u000f\u0019\u000e\u0000\u0016T\u000bVU@SVF\u0010\u001b*\u0006]\u001a\u0012M\u000e\u001a1\u0018\u0013R\u000f\u001f^\u001b\tP\u001b\b\n\rY@Q\u001a\u0026Z\t\u0018\u0001\u0006\u001bA\u00032XIVD\u001bFC\u000e\u0014\u000eK\f\u0004\u0015C\u0004\u000b\u0018P\u000eLY\u000f\u000f\u0006\u0001IWJ^WN\u001a\n\u0015P\u0004\u0004\u001a4\u001bPLW\u0015\\RU\u001cWO\f\u0014O[YO]L^\n\\C\u0019W]TZ\u001e\u000eB\u0001JX\u0016\u0006\f[M\t\u0000HBI\u0013R\b\u0004[PRB\u001f;\u0010\fWX\u001aKU\u001b\u0015\u0018\u000f\r\u0014]\r2DVFD\u0019\u0001\u0026\u0001\u0011@\u0002KH\tQ^V_E\rLA\u0015XW@\u001f\u0016\r\u0001\u0006\u0007J6\u0010]CPLI^\u0016\r\fZIR_\u001d\n\u0026\u0001\u0011@\u0002K@\u0000YR]XE\u0016BOTL@B\u0015\t\u0026\u0001\u0011=\tKC\u001b\n\u000f\u0007\u001f\u0013F\u00012\u000e\t\u0003\u000fN\\@JY@[\u001c\nM\u000e\u00071\u0002\u0016k\\O\r\u001b\u0011\u001aX\u0007\u0015\u0001\u0016\tg\u0000\u001d\u001b[H_[@\u0005Z^\u0003\u000e\u0001\u0000O\\@QFT\t]H\u001bMH\r\u0004\u0001@LW\u0015\u001b\u001f\u0014\u0017\u0001\r\u0000\u001a\u0006\u001aS[S\u0012\u001e\u000f\fP\u0018L\u001fhLZRX^[\fA[Z]\u001c]\u0007G[XFWCYQ\u0000\u0006\u001b\u0018\u0001\u001d]XP\u000bX\u001dX\u0007\\_R\u0014V\rO\u001b\u001b\\W%\r\u001dJO@\u001aE[X\u0005\u000e\u0007\u001f\u001b[\u0000\f[fZR\tFC3(\u001f"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Sun, 07 Dec 2025 07:37:06 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://cdn.ak2yy.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adb4650bfc9d2a73d4dd69583b0ceb14","sha1":"1ce399d6e936232aaf2192cd7903a279c5015f22","sha256":"21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed","sha512":"3fbce22572bbed1aada0f7c6706f16a97e7c0ea132dfee1a7eb80f5e68da1cc63c891a5bc3ea8e87f0c97be3002212a0efbb2af9553acb45e0d447a685cd805b","ssdeep":"","tlshash":"436000000c3000000cc00c0000c00030ff300f00000f00c0000c00f003030c0c00c000","first_seen":"2023-04-05T07:30:31Z","last_seen":"2026-04-19T01:05:27.177606Z","times_seen":56306,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":163,"dns":39,"connect":17,"send":0,"wait":18,"receive":0,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:06.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1389\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=hl4vlvuvcrsir90wgi9fs5r9xvmdvuv; syncedCookie=true; oaidts=1765093025\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1389,"data":"[{\"app\":\"landings\",\"event\":\"adex_status_success\",\"usid\":\"19af7be258c4fede0bcbcd\",\"sub_id\":\"1021434726589936141\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"luck-chest\",\"event_source\":1,\"ymid\":\"1021434726589936141\",\"request_var\":\"keitaro_9009489\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ\",\"source_zone_id\":10048479,\"config_id\":1848,\"build_version\":\"v0.0.608-verticals\",\"landing_load_date_time\":\"2025-12-07 07:37:05.000584 +00:00\",\"vertical\":\"igaming\",\"events_history\":[{\"timeStamp\":1765093025162,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765093025583,\"event\":\"adex_init\",\"timeOrigin\":421},{\"timeStamp\":1765093025595,\"event\":\"load\",\"timeOrigin\":12},{\"timeStamp\":1765093025721,\"event\":\"adex_script_load\",\"timeOrigin\":126},{\"timeStamp\":1765093025885,\"event\":\"cookies_sync_success\",\"timeOrigin\":164},{\"timeStamp\":1765093026162,\"event\":\"adex_status_success\",\"timeOrigin\":277}]}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 529802283cf0c0c20cfb20d6b28dc7be\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Tue, 09 Dec 2025 07:37:06 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T03:33:37.326717Z","times_seen":121520,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a730f0b7e-uKiSnrbr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/a730f0b7e-uKiSnrbr.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-1a5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (421), with no line terminators","md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b541e60e-CXH_KT1m.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/b541e60e-CXH_KT1m.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-894\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2196,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2195)","md5":"71579a9e0c6a2e50f716bf01505c8201","sha1":"fd12c5ee385b3feaa04fb817a2ec61126407a38d","sha256":"ace21d6239186e534282679642e8bed71f36dd2fcaa08e5b51f3b9927fd8d5e5","sha512":"9ce3d599bfeeb671c3c5823b5c7ba960022cf74b25a590cd45e4a9fe1b7b0654cf83b8ad14f4061014945770acbd168b0539f282ebb66e3e5ee0163bee6f04e9","ssdeep":"","tlshash":"6241716d80b9c4b0c1956bdd8236f92230aa443b346cced5e23e8a3657bde8590b5736","first_seen":"2025-12-05T16:09:40.516338Z","last_seen":"2025-12-08T02:05:33.34109Z","times_seen":42,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/eed1a1dfc-D7_95yjL.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/eed1a1dfc-D7_95yjL.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-c5f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3167,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3028)","md5":"ffb7d8c0373d0c03f510aa4a2eacab2c","sha1":"155015154f32896f59051afc73c5c71e8f9c5121","sha256":"4efd106b96ce2bd541380878bbe0a6ab070b8dc1ce875415ae2aedfd7bb6cc59","sha512":"d06904b972ade16d4e28e0c959bbeb3c15da109afcf18507ca41f6e94c5253afad59968bda340d1db53a86d2616d09dc56be175826dbf512af99b4448a7a9e7e","ssdeep":"","tlshash":"2e51a60d426d24a950dccfebad32594dbbba6416698c3ca8fc2b4cdd034ed8cc21697d","first_seen":"2025-12-05T16:09:40.509873Z","last_seen":"2025-12-08T02:05:33.341905Z","times_seen":41,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/cfb14299-BGMreeeV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/cfb14299-BGMreeeV.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-46f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1135,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1135), with no line terminators","md5":"8506d4e19453aedbf3c1fc04342b89c9","sha1":"0e2bb5bdcf7088e8614858622e74e932b0c2fa2c","sha256":"184cd18e2112ed9660cd49257113c5aad97d659890668992cdc1635e21f374a1","sha512":"aea362c50d524712756f68f2889fc20a454c6d90196b625c6970314765b332c69bbca873363ba29779f6bcf904bb42f976a317349f70b3a85158398d0bd1b97e","ssdeep":"","tlshash":"a02100d1b6486b0ea53e3fddf0cb184036301123ce8d5683d2174722634fd49427dba6","first_seen":"2025-06-24T19:07:51.391409Z","last_seen":"2026-02-23T22:20:45.176058Z","times_seen":2159,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k74ebc6f-BlvsxabF.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/k74ebc6f-BlvsxabF.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-f81e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63518,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (38453)","md5":"e20f05b1f173064da367b5f6b35893dd","sha1":"0b346d9676872391dd1c8ae457a7868a50afd968","sha256":"8ebc4524a14a478f26f9d8a5e1fc30d50c05ecc71d3a3b93abb834b691bed700","sha512":"55ca23a7486e5151ff9891b0edb662ac025b2018b528470e6c8456e2eabeef51dcf6db9b9e6aead0189a3b06b1bc42069f004df68bbc7335572c77b3ea02b2c0","ssdeep":"768:/55FCDDOqykJ7QNp4N70H1KcvXCyLHWxA9k/eWj8kcj6tKwtZHNMSgz6lDNwnfZY:/leqs7QX4qz4PNcj6ftZHNMSZ7","tlshash":"58534a687056203a03ef51e6e0bf6a4bf2346912e48dc644e356cef06fb469d4267f2d","first_seen":"2025-12-05T16:09:40.503089Z","last_seen":"2025-12-08T02:05:33.240222Z","times_seen":42,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/s06e44d90-CE3gpyht.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/s06e44d90-CE3gpyht.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12202\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: \"69330062-2faa\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12202,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d2867bca9bd3a312022c13760fb1af9","sha1":"115523fff4fa8f497cabfe2d55e177844ec410b9","sha256":"59326bc80607bd397bb7fd5cbbcfed089214c93eb129a799f07e0bb7e2adaa19","sha512":"ac99a898809af641276578dde234d7c15e0cda673db531fdb8fa1fb5c5172e8d23d83984a38c492c1de7d4759bedce7a0a3a5278573de0338a8b2fc3560c9eff","ssdeep":"192:OzJKhxzm/+dgGUbBa3PpEzDNkO8g7g1uz6BlVMqIRVRYC55Rzq4wZajWAMZi0kJm:OzJqzmGdhwuPpEzBkO8gAuzquqIRVDZI","tlshash":"b142c06d4ad92f42fabe873a9c10874d8f323a2b851e46f1a25137042952ea62d315b6","first_seen":"2025-09-22T14:18:45.370308Z","last_seen":"2026-04-11T20:59:56.321676Z","times_seen":100,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f426dbbfd-BW2CXGv0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/f426dbbfd-BW2CXGv0.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-89e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2206,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2204)","md5":"5139e6ef33fbc0a39f74a4fa3c650ba4","sha1":"72d1eb4288c2f2b84b66e28cab3a7e9b39448fa7","sha256":"c8e1f0b5ec7a172233cd0e329ae5663cbd837f4ea728beeee466fe9894af2bf7","sha512":"4880a8bdfdb08d77ce2b3131ecd86941a4197f132352f30e24529aec89d068db75266a88716ece8c407e23a7435a9b550a4f54b23f78533d48e35ad0bc6955c0","ssdeep":"","tlshash":"2b418459b1252b7cf00e095ef52d828bf05a7b8acb4dcaa0f0bc491917598856b46f84","first_seen":"2025-12-05T21:02:43.605058Z","last_seen":"2025-12-07T21:03:33.159343Z","times_seen":20,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/favicon.svg","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 28447\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: \"69330062-6f1f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28447,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cfad15d30dae3df09e5cdf3b91556214","sha1":"5c451c15700279f2a2bf7d58261eff6ba6c2d4dc","sha256":"9a353afca57aed8c872145fc3d8686a2a27c80655d3c5306bb03a5fde1e5cfda","sha512":"3dde52c8ab8bc6b9603c7111f50895700d410d03c5838666cbc3f95aba7592a1ebe9b6b544191b80967e2aaf95551463c1232b8929fb8355b4b43a4ff35c5226","ssdeep":"768:hKAtKOZ5G2H6P/8awFZkU9pDaFy2nbhoAmF:PtKe6MawFZkUbKy2bh7mF","tlshash":"05d2e0b064bf4b5c47658a05f22bcc1cacc6faa3051d53f35be8663269888f44b7dd92","first_seen":"2025-09-22T03:35:17.75072Z","last_seen":"2026-03-26T17:02:07.810508Z","times_seen":1041,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1151\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1151,"data":"[{\"app\":\"landings\",\"event\":\"load\",\"usid\":\"19af7be258c4fede0bcbcd\",\"sub_id\":\"1021434726589936141\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"luck-chest\",\"event_source\":1,\"ymid\":\"1021434726589936141\",\"request_var\":\"keitaro_9009489\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ\",\"source_zone_id\":10048479,\"config_id\":1848,\"build_version\":\"v0.0.608-verticals\",\"landing_load_date_time\":\"2025-12-07 07:37:05.000584 +00:00\",\"vertical\":\"igaming\",\"events_history\":[{\"timeStamp\":1765093025162,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765093025583,\"event\":\"adex_init\",\"timeOrigin\":421},{\"timeStamp\":1765093025595,\"event\":\"load\",\"timeOrigin\":12}]}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 0955657d79d309f3ce00e7a8af17cc07\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T03:33:37.326717Z","times_seen":121520,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1315\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=hl4vlvuvcrsir90wgi9fs5r9xvmdvuv; syncedCookie=true; oaidts=1765093025\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1315,"data":"[{\"app\":\"landings\",\"event\":\"cookies_sync_success\",\"usid\":\"19af7be258c4fede0bcbcd\",\"sub_id\":\"1021434726589936141\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"luck-chest\",\"event_source\":1,\"ymid\":\"1021434726589936141\",\"request_var\":\"keitaro_9009489\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ\",\"source_zone_id\":10048479,\"config_id\":1848,\"build_version\":\"v0.0.608-verticals\",\"landing_load_date_time\":\"2025-12-07 07:37:05.000584 +00:00\",\"vertical\":\"igaming\",\"events_history\":[{\"timeStamp\":1765093025162,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765093025583,\"event\":\"adex_init\",\"timeOrigin\":421},{\"timeStamp\":1765093025595,\"event\":\"load\",\"timeOrigin\":12},{\"timeStamp\":1765093025721,\"event\":\"adex_script_load\",\"timeOrigin\":126},{\"timeStamp\":1765093025885,\"event\":\"cookies_sync_success\",\"timeOrigin\":164}]}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 76dd9c52e0e4a908ff468b256db3fbbb\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T03:33:37.326717Z","times_seen":121520,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:06.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1454\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=hl4vlvuvcrsir90wgi9fs5r9xvmdvuv; syncedCookie=true; oaidts=1765093025\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1454,"data":"[{\"app\":\"landings\",\"event\":\"adex_status_bad\",\"usid\":\"19af7be258c4fede0bcbcd\",\"sub_id\":\"1021434726589936141\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"luck-chest\",\"event_source\":1,\"ymid\":\"1021434726589936141\",\"request_var\":\"keitaro_9009489\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ\",\"source_zone_id\":10048479,\"config_id\":1848,\"build_version\":\"v0.0.608-verticals\",\"landing_load_date_time\":\"2025-12-07 07:37:05.000584 +00:00\",\"vertical\":\"igaming\",\"events_history\":[{\"timeStamp\":1765093025162,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765093025583,\"event\":\"adex_init\",\"timeOrigin\":421},{\"timeStamp\":1765093025595,\"event\":\"load\",\"timeOrigin\":12},{\"timeStamp\":1765093025721,\"event\":\"adex_script_load\",\"timeOrigin\":126},{\"timeStamp\":1765093025885,\"event\":\"cookies_sync_success\",\"timeOrigin\":164},{\"timeStamp\":1765093026162,\"event\":\"adex_status_success\",\"timeOrigin\":277},{\"timeStamp\":1765093026163,\"event\":\"adex_status_bad\",\"timeOrigin\":1}]}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: fca831a5d2a107a0456b6e4cb7170891\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Tue, 09 Dec 2025 07:37:06 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T03:33:37.326717Z","times_seen":121520,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/u4afaad-BHiGkKjp.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/u4afaad-BHiGkKjp.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-74e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1870,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1870), with no line terminators","md5":"d4a73aeb2dcc17cedbb506467e361350","sha1":"d2f0ced32a8053dd15684afae77bcafa746c0a23","sha256":"c204bf2008362658e3459e0c9a886b1e2054d139ee08486df602a6f50bf6c131","sha512":"e2952ef822aa455fa1f8e008bd3aebeff7d72942f1cb5d03f22011b91ca4e76a797f903c4e926c55b65d180a77606e84ba704879665b9f437dea5d349dfd97ba","ssdeep":"","tlshash":"dd3179f948a99c34b1cd85d4a6355b0333b9160734f89e56f26fc9a0115cc8f871673e","first_seen":"2025-12-05T16:09:40.533264Z","last_seen":"2025-12-08T02:05:33.240957Z","times_seen":42,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bf09db82-CjWSV7r0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/bf09db82-CjWSV7r0.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-103c\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4156,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4155)","md5":"581bc37e59268ae6782f24036c9d7058","sha1":"360ad01c2af527129c5e978b5961dd738eda49ef","sha256":"61029332b5843096ba7c3eb81898386c9c040c6626d9e351727083c00e5c7562","sha512":"94e29bf1fe33a98a2a521c0f74ea0802cdd61fc382268870d2c4cc6cb0a8e2d53399c1ffc76722cdb497cc5ceca882947c2ac404b439297902931890ac9a68a1","ssdeep":"96:Yey0tP4hJu3f+xSK7VK21BppiV6sBoWO70ZD4PzrZ/UsABiBBaGmH:YL0SrbSK7V5B26sBhq0F4bZUbiBaGmH","tlshash":"a881c8cfa07551bda8da85dcc131e631337522d63048e2d0f05e0e3647aad4ba6aef4b","first_seen":"2025-12-05T16:09:40.539481Z","last_seen":"2025-12-08T02:05:33.362807Z","times_seen":36,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dac3d3ae-CKK3g8Qy.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/dac3d3ae-CKK3g8Qy.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-f4e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3918,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3918), with no line terminators","md5":"56a8e5fad9767f6d2f398a84e2581be4","sha1":"61daa7823cd70c0fc8dcbff31bb633584b813433","sha256":"e08faa69215f9a362c5c68e9200f73e626988c1a7a982442d22da1a42123d0a7","sha512":"74513569077c3b19a5dfc35c1bf27114a895b0e55a4e27402bb3dbf20b0c2f61a908a99d1fdcd08f6141fde972014d6d0952ad2c494530d1298da9c829fa9f93","ssdeep":"","tlshash":"73819459e4145bbc651f48fbe45290953a332365924cdab0e0fc46380b4caa6fb17fdb","first_seen":"2025-12-07T07:37:30.272206Z","last_seen":"2025-12-07T07:37:30.272206Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/z402a86a-Cjm_A2Ml.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/z402a86a-Cjm_A2Ml.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-ed95\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60821,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (60821), with no line terminators","md5":"dff6d42b02ccd5340727e73c5d1836da","sha1":"8b48751e046b90df631a9a1014523522587cdb2f","sha256":"506083f7a518ebecf465a78f591c02649b8f46fd9d5500fab5d7a1f95e5fb783","sha512":"8a763c90d2d7c49f56125d7f8d9f5166d68eda8bd9e847979300add025f223d8752f510e41302b54d665bc39e530afdf5b24309c6b3d250acaf544d37f51365a","ssdeep":"768:tkVitNWwUonffuqh+gtjvbhMtBTBInlCDrIPPZBMGWATx+EuA/1fwyLYBnM4+41o:iV7wUkfhsBATx+EWbfad/efPwXGY","tlshash":"7d535f9ed2129fe989b31788b91c2a11b32d0d0ded4991a0ecdf0f16176ec87217b79d","first_seen":"2025-12-05T16:09:40.524494Z","last_seen":"2025-12-08T02:05:33.301825Z","times_seen":42,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/s17118f09a-C3xGIlLX.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/s17118f09a-C3xGIlLX.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-424\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1060,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1060), with no line terminators","md5":"03f05fb22649400a0182d46c8189dfe8","sha1":"3a95542e9f2abaff4986cb9c67ac19663055144c","sha256":"98687d7e07f391ca5972515db8ef829157b2be4c0f854b17ace8852d2f69a4f6","sha512":"8805a4ade7fca6f9b0737bf82ac70e58bde57ffe10746aee7ada8e9619cb8f3c1de1ff0cccb82013cae6d82f39149956fdc0f1ceabb218efb4ab9796b9ddf3bc","ssdeep":"","tlshash":"fb11354abba42c2d40151dedd014f421410651ab27d48fd6e07e967c2f3decd7d12b17","first_seen":"2025-12-05T16:09:40.505809Z","last_seen":"2025-12-08T02:05:33.260447Z","times_seen":42,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdntechone.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 12:09:26 GMT","end":"Tue, 03 Mar 2026 13:06:54 GMT"},"fingerprint":{"sha1":"20:CF:7E:0A:3E:60:76:64:CB:13:89:D1:7A:4D:C6:25:CD:DC:95:B7","sha256":"86:F2:8E:50:0F:AF:F9:1A:C3:2C:76:6A:A5:AB:D9:74:D8:CB:8A:FE:B7:B6:76:80:83:09:2F:8E:9A:2A:BC:74"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: cdntechone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 11 Jul 2024 10:23:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nlink: \u003chttps://datatechone.com/\u003e; rel=preconnect; crossorigin, \u003chttps://datatechonert.com/\u003e; rel=preconnect; crossorigin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mgLYLFAg2CnfIv3cAAefJPylS2YuB7FIYA5QNmXl43bD0BLBfZJTQvjN9%2Fd0NWzOo24hRm5HeuefMpiQYW6zQT%2BM%2BmjP0kPlBwpcDg%3D%3D\"}]}\r\nage: 1950\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"668fb2b6-406a\"\r\ncontent-encoding: br\r\ncf-ray: 9aa25b126b55712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16490,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15840)","md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-19T01:05:27.143438Z","times_seen":9149,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":75,"dns":34,"connect":1,"send":0,"wait":8,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-06","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b80c56c-CnpUbS7u.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/luck-chest/1848/de.html?b=24609768\u0026campaignid=9988337\u0026expires=1765093144\u0026ip=81.165.52.62\u0026md5=g6WiUjhU7FibK3NEYswJuA\u0026md5Ip=PAdwGWITFV9RAWxDi65bHg\u0026s=1021434726589936141\u0026sg=zgJ0o9WrNt1OV3uBhvEOJA\u0026sgi=mm12Xw7gqIul_rA0xfYLsg\u0026sgp=j8BfvCNMhXvLn8_i9kDm_A\u0026sgr=yGHKfcQ40OV6HC_g0Nb8yA\u0026sgt=1765092544\u0026sgu=nuZeynwG-MAr_b0xanjWKg\u0026ssk=abfee6527f3dca19982f04c4e6cd2591\u0026svar=1765092544\u0026var=keitaro_9009489\u0026ymid=1021434726589936141\u0026z=10048479\u0026zdekr=bp3pRfsVSgC0aYKcoovIIQ\u0026zdekrIp=cfcLHLt_C36UhiSVomTljQ","date":"2025-12-07T07:37:05.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/b80c56c-CnpUbS7u.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 07:37:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 05 Dec 2025 15:55:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69330062-279\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Tue, 09 Dec 2025 07:37:05 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":633,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (632)","md5":"3359370c5d1b4755ed3b2cfb6c10767e","sha1":"4723d67d99b9d02d8f94b57e5c0b70d4c73aa435","sha256":"c6f472de8bbe62e382b40fdd83298875e3930bae8097ff5a940655129a405fd5","sha512":"cde49eacb89aab13d16783fd0726b5c31db4d1ca95152ae8ef7a8d77798b4fed9ee5a34e6a65ec864c7397f8ca24e51cb3823015ba1e87769ed4c16dd6eee3b0","ssdeep":"","tlshash":"bef0a2d506f01eb5408913ddd175b3427da900b7a19daf92a13c8f68175a987a610e47","first_seen":"2025-12-05T16:09:40.520191Z","last_seen":"2025-12-08T02:05:33.306748Z","times_seen":36,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}