{"report_id":"8c27be0e-be90-46ef-af02-198daef2d9fc","version":6,"status":"done","tags":[],"date":"2026-04-01T00:16:10Z","url":{"schema":"http","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":0,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"title":"Track \u0026 Trace | Service\u0026Support | SF","dom":{"size":790027,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0b3d2c5e28ef60ebf338e50140b2492b","sha1":"607b46b360a1475e93c2104cde2b85cc12efb45e","sha256":"e031beef6cacc515fe919da45a7785b70f5af73cff8c5187f7c5710fc0cb43e5","sha512":"deca6ae19ea6476619e9350bac136beea6a634b3dc5fc2d87d7e7b0a1c4416f1a75c83a08e4059769f47a05cdcc2381832995ed0e8b91d31e04039c3db73ea88","ssdeep":"12288:V5MBvBx5TA9PTnfKnd4UNsgcV1ebCOKFp4uthyr32v4RNsgdw1OtCtEtptXuoDl+:V5UKYlgeyuVu","tlshash":"57f4c75a5bb310551813faac27da6b042f30e293c90acca97fdd624ccf8799499d37c9","dom_hash":"domhashc38f4c8a129901e9f56c86c431b0bdd1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":0,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-06T00:16:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"kalaoffice.com","ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"domain_registered":"2023-05-06","domain_rank":0,"first_seen":"2026-04-01T00:16:11.823479Z","last_seen":"2026-04-01T00:16:11.82348Z","alert_count":30,"request_count":15,"received_data":3065519,"sent_data":9472,"comment":"","tags":null,"fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}]},{"fqdn":"www.sf-express.com","ip":{"addr":"148.153.240.77","port":443,"asn":63199,"as":"CDSC-AS1","country":"Jordan","country_code":"JO"},"domain_registered":"2000-05-15","domain_rank":226468,"first_seen":"2012-12-08T09:00:45Z","last_seen":"2026-03-27T01:18:21.057977Z","alert_count":0,"request_count":2,"received_data":64970,"sent_data":922,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Apache APISIX","description":"Apache APISIX is an open-source, cloud-native API gateway developed by the Apache Software Foundation. It provides a scalable and high-performance solution for managing and securing API traffic.","website":"https://apisix.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*","icon":"Apache APISIX.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"a7e9244ca5b84c41d9bb7fdca6f34a7f","sha1":"8cc7af56dc57be69f7af1182cac064820d2fa014","sha256":"19f7f7fd2d6e98a3294da8aac4796adc94b9d000ecc662c3a9908ca8218a5fe9","sha512":"e08658f00db08e97d4fb9249bd23876dd46ded30f7e6785f9fec3342486ed02eadda4dbc95bd3ced6d349bcd3f1237583496852fff6e70c6533b2d51e6a88827","ssdeep":"","tlshash":"0fa0220e0b02ac3080b2b023ff0fb380303f022b800b0800ce288080ec3a82f8c020cf","size":71,"data":"","first_seen":"2025-05-30T12:26:03.910961Z","last_seen":"2026-05-30T04:25:07.334046Z","times_seen":727,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba1e90c1b5af016e5db09273490208ee","sha1":"c74245105ae8ba3ca0345e72b97d7d2bf663452d","sha256":"dffaf56453ab7ab809689b2cdac88a3719c0c4685896403523637d9fb77d3f53","sha512":"d1071d09b043527c9d14dedb65969b83748009c2bf0c2b4ef017c4aef8aca21071f70d55be7c8f246f771bb6f517355e854ebccae5c5eada1dd7404f53d20dc5","ssdeep":"","tlshash":"4901fe74151722325d128529771ba3183ebf50671107eb05bc2c8a492fe1c57d6f9fc8","size":836,"data":"","first_seen":"2025-05-30T12:26:03.911851Z","last_seen":"2026-05-30T04:25:07.335061Z","times_seen":749,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"48ca12ecbf0d9c555cc884af5c541031","sha1":"888a0c45470938073f72c59dad4f398ce0a92403","sha256":"b5a0d38845003dcadbb5d9445642773f25e9ec4264b9d47ac4a92c8e90c148f5","sha512":"10c19905cb6ea4b3a68815f930c240ed22acaf5a6213c9f46bab54f2ceee603ad9102d4b1ed7c30d2cf74aef3669735bc4f7c58837c8e14ecb95690ea869eae4","ssdeep":"","tlshash":"92f0287a64a748f105fb35a977c703643420501b3810e151785c875c9f39d4bae6fbda","size":627,"data":"","first_seen":"2026-04-01T00:16:17.545195Z","last_seen":"2026-04-01T04:53:37.875526Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/assets/jquery.min.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"bceabde9d4ba653fd1f4bb171bff0c01","sha1":"c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f","sha256":"7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5","sha512":"d55626e499791f1b6880df4c74ec8cbd5d0c0413a228c403259ac1d65b608c42ca5e473fcf1e0d24a7ae04156405ba46472fd0002573b1c9cbe61325fa0973d0","ssdeep":"1536:fYE1JVoiB9JqZdXXe2pD3PgoIiulrUn6Z6a4tfOR7WpfWBZPBJda4w9W3qG9a98E:u4J+rlfOhWpgCW6G9a98Hr4","tlshash":"1283c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85584,"data":"","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-06-05T17:11:54.586403Z","times_seen":1376,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"27f29b04eb96ee252b01af4065eb5187","sha1":"5a6c5e9eae9e221fdc62762f776563b3539c1823","sha256":"c64f10ba6776aee76870c83dd3f93f93fdaef2aecebc99f09adc16013ec037de","sha512":"a5538401f60f2db07fe18e07223a2d2d902e3ed2063c3871c9f71ce8e42be6ce11c9b1139d4c705fabaa96017db481e568f08efbe406008d8f378c37e80b2874","ssdeep":"","tlshash":"e05100000000300000000030000000000000000300000c00300c000003003000c00000","size":2748,"data":"","first_seen":"2026-04-01T00:16:17.548734Z","last_seen":"2026-04-01T04:53:37.8763Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T00:15:37.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/ HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/7.4.33\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:37 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":810354,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"4d561a7a1ebc5dce02d1aa3212f027d2","sha1":"546185344db1d28ad820a7b40302b03469efaf70","sha256":"ecf8f41da3421cd73219d5f01e58e3bfa89ac139aafa0712c67c5fe8a83db46d","sha512":"a44acb5a207b93ab196dcdc6da8d35225718cd3c0e67eeb9dd832d711eed9fbc1f2d3e99564570019fda1fe9986940385fff448d2d63df58bc15e89a383ff25b","ssdeep":"12288:U5MBvBx5TA9PTnfKnd4UNsgcV1ebCOKFp4uthyr32v4RNsgdw1OtCtEtptXuoDje:U5UKYjS7w6VZ","tlshash":"a805d61a6bb310551817faac17da6b042f30e293c90acca97fdd624ccf8799499d37c9","first_seen":"2026-04-01T00:16:17.476423Z","last_seen":"2026-04-01T00:16:17.476423Z","times_seen":1,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":68,"dns":14,"connect":24,"send":0,"wait":65,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/6de6e0a.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/6de6e0a.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nset-cookie: d_user_session=9c6cecf3c4bb0337ece806720efc2ea14f04828c9c43831a3d8a633dbac334a05f653d2e99c3879f57efeed6cd9859c2317f428e42e9934ffaea257a7959fb88; path=/; secure\nd_user_session=d7be04742b9e3900e5c2db068d6beea9f9562c7d5605d5b7a144a770ff5cd60e4f5be07cb69a05cc2a0d004fe94c22f81bb099ad0f407e9a721832bf97b63d11; path=/; secure\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:50 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]}],"data":{"size":179393,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"9b54cbfd2007deee9e2b8052937fe67b","sha1":"10f59fd8b39b8520a19ddbd4448e4102061cae5a","sha256":"948e5be954c427410a9beb8515cb12d61f14df53b491f9162ad4c6272e14f76c","sha512":"a5327c612e0b56f64d3edeb3a9da9fc285509a86792bcccf7ebf48d50b5f996958a822a50f67e23eaf2a9292524b713d833af8ebc5a4536e50feabf04af8783e","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVcSmo7iy9A5Euph80V3a7tqvFO5/nt9hjkRw4LqMUR58su:I4OIdcSmo7m38sL","tlshash":"97049769a8b2143b9c37c6c981bc8b0c17e5f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.479064Z","last_seen":"2026-04-01T00:16:17.479064Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12615,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12615,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/c6c37c7.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/c6c37c7.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:50 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]}],"data":{"size":179397,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"4ee6d7e3c23fa455ec0d8cfa6447fe41","sha1":"ecc29b332ad1b93882a52c9ec8a67de27fec28c1","sha256":"b7cf252971ce3973e545dbd41d79a1757a7860c6999491f52e9e94cdb5323e2e","sha512":"a504a36b3a009c2d244263801fefadac571bbd5f8267ac4012d3642671b2e726f67f157acd612665326de1df2b90e8361b8c5e48a394053a8500d5fe7256b1a6","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVckmoWiyOA5Eu5h80V3a7tqvFO5/nt9hjkRw4LqMUR58sW:I4OIdckmodm3MsT","tlshash":"0f049769a8b2143b9c37c6c981bc8b0c17e5f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.483189Z","last_seen":"2026-04-01T00:16:17.483189Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13420,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/9eccc8e.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/9eccc8e.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:51 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]}],"data":{"size":179395,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"0053d5d44206da93b7e91324bd080ce5","sha1":"9bece032cfc21bf32a55f919e089f1fe12ee7798","sha256":"e88ff4d9ac32c9bba4e91d21fad840667fffef777d749f990341b38b47f70555","sha512":"0b12b8b867fc805a71a5162a2454d984cc6b8e9b7a4f4374a69861c5b543829a1c7859695fa3ee41b2c268352b0b546f8de9fb3e4cd2ad50b41b6d26c97dee6a","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVcYmoiiy6A5Euzh80V3a7tqvFO5/nt9hjkRw4LqMUR58s+:I4OIdcYmo9m3SsT","tlshash":"a6049769a8b2143b9c37c6c981bc8b0c17d5f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.486771Z","last_seen":"2026-04-01T00:16:17.486771Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/aec8211.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/aec8211.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:51 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":179397,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"42d5a3387b9fd6e8cc3aab048cbd822a","sha1":"843f95fe341fd0a3909eeac6883b66a8219a3e54","sha256":"828138210f37913106e9947963d1f4ce8ff278803b5241cc974e759a72d7918c","sha512":"41b5395880ff3880d60ba4b77c2a0bbbc635cd918e7324426445cd7879a82f084b65f412becfe9b972665c0aa945f6045fe0ba1e7191b34af781dfb91178feaf","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVcSmoniyBA5EuYh80V3a7tqvFO5/nt9hjkRw4LqMUR58sC:I4OIdcSmozm39sn","tlshash":"e0049869a8b2143b9c37c6c981bc8b0c17e5f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.489843Z","last_seen":"2026-04-01T00:16:17.489843Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13918,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13918,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.sf-express.com/_nuxt/icons/icon_64x64.70e147.png","fqdn":"www.sf-express.com","domain":"sf-express.com","tld":"com"},"ip":{"addr":"148.153.240.77","port":443,"asn":63199,"as":"CDSC-AS1","country":"Jordan","country_code":"JO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:39.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sf-express.com","organization":"顺丰科技有限公司"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Wed, 09 Jul 2025 00:00:00 GMT","end":"Wed, 08 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:C6:88:A7:30:AD:A3:B5:64:3D:77:78:68:D8:8E:F0:84:AB:EC:8B","sha256":"0B:52:FF:29:56:DA:6F:42:A4:53:19:43:2E:33:94:53:D3:79:48:8F:AB:B9:DE:00:E0:5D:08:EE:E1:59:C4:68"}}},"request":{"raw":"GET /_nuxt/icons/icon_64x64.70e147.png HTTP/1.1\r\nHost: www.sf-express.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:15:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 2616\r\nConnection: keep-alive\r\nServer: openresty\r\nLast-Modified: Tue, 24 Mar 2026 04:51:20 GMT\r\nETag: W/\"a38-19d1e2ed940\"\r\nX-NG-VERSION: GREEN\r\nX-APISIX-Upstream-Status: 200\r\nX-CCDN-Expires: 36328\r\nvia: EU-GER-frankfurt-EDGE7-CACHE4[2],EU-GER-frankfurt-EDGE7-CACHE1[0,TCP_HIT,2],EU-GER-frankfurt-GLOBAL1-CACHE9[276],EU-GER-frankfurt-GLOBAL1-CACHE11[273,TCP_MISS,276],EA-SGP-GLOBAL1-CACHE12[108],EA-SGP-GLOBAL1-CACHE20[105,TCP_MISS,108],CHN-HElangfang-GLOBAL6-CACHE69[35],CHN-HElangfang-GLOBAL6-CACHE138[0,TCP_HIT,26]\r\nx-hcs-proxy-type: 1\r\nX-CCDN-CacheTTL: 86400\r\nnginx-hit: 1\r\nAge: 50072\r\nCache-Control: public, max-age=31536000\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Apache APISIX","description":"Apache APISIX is an open-source, cloud-native API gateway developed by the Apache Software Foundation. It provides a scalable and high-performance solution for managing and securing API traffic.","website":"https://apisix.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*","icon":"Apache APISIX.svg","categories":["Web servers"]}],"data":{"size":2616,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"864114e687589d4394688d0996d6c368","sha1":"18bae69d3ae153440952a6ada7c369758b659df4","sha256":"b475bdc4cb66fac64ce223a7e274fb9e6d764a775f7783ccadc49e37401f7e80","sha512":"a633665f0773f08f1c26de19ca893a8b3d2fa3bd6d3e5f2700b9774c5145b4d37317cda6092663776b751067bb03cb7120eaa7f73a96b3e20d78295f2ccf05cb","ssdeep":"","tlshash":"e2514cfa199c8bf8e30b5ba0250769d431424c018cb2f3ee2901b8d50ed5f787656857","first_seen":"2024-10-21T13:03:05.065195Z","last_seen":"2026-05-30T04:25:07.315683Z","times_seen":751,"resource_available":false,"data":null}},"time_used":1198,"timings":{"blocked":-1,"dns":694,"connect":19,"send":0,"wait":22,"receive":0,"ssl":462},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/f7ff5a6.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/f7ff5a6.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:51 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]}],"data":{"size":179395,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"6bd22f383541db2b536475892a6bcbc1","sha1":"b508a83d89c9b7c785f85dccd274d5912070c5c2","sha256":"e44da8863aae69a3090a89f9a535a288916cdb9226375e6844333c59658a9879","sha512":"29d13ee703156f7585136de9ad354f6cce7b54cce8d5d787486a6377ad4d6dfd53f4d580e7d4c358c07661c90097abc68ea5b9b991c4f65cfec8fb1c43aba667","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVcCmoFiyrA5Eufh80V3a7tqvFO5/nt9hjkRw4LqMUR58s+:I4OIdcCmojm3Gsr","tlshash":"b0049769a8b2143b9c37c6c981bc8b0c17e5f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.498243Z","last_seen":"2026-04-01T00:16:17.498243Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/sf-code-img.9c3b712.jpg","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/sf-code-img.9c3b712.jpg HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:50 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]}],"data":{"size":179538,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"bbe7a01f1035031fc700401f5b12d848","sha1":"ea32fbe1683b791528fc1468719cfb1407bfd52d","sha256":"a890f97142a8ea36a8aef4204dad0bf82e4732f1ad14cbe3925f9b4b16aa95ec","sha512":"d7f2eeebd3a602df5a0892738344d04d3ca01b9e505e014509f682c6cccd8da7a1897d20b6e929255fd3a0464a75b4b852c076dbee106f547ef2809923b7a9c8","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVc4mokiyGA5EuXh80V3a7tqvFO5/nt9hjkRw4LqMUR58sC:I4OIdc4modm3Os/","tlshash":"d7049869a8b2143b9c37c6c981bc8b0c17e6f105ca425a78b7fd137d67dade0358394a","first_seen":"2026-04-01T00:16:17.50077Z","last_seen":"2026-04-01T00:16:17.50077Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13429,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/star4.png","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/star4.png HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:52 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":179384,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"64ab992e7dd0d1b7385e7ab682f56a6c","sha1":"4fb381ff41789291ceddb88a93e9727aadff2e97","sha256":"df812fee068a2330a935ed4603b979759eca81d7d5d3ef0fed430c97d32543cc","sha512":"d3fae94b3e9ceaca8ac4cedb16dabddebc1846b7d522661256c9a31cc3cbd3d338eca126c6501a87e31d8e65859f117b3c9e61f330bca14399ee0486dc1f4171","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVcKmociyEA5Euih80V3a7tqvFO5/nt9hjkRw4LqMUR58sa:I4OIdcKmoLm3zsL","tlshash":"46049769a8b2143b9c37c6c981bc8b0c17e5f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.506509Z","last_seen":"2026-04-01T00:16:17.506509Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14525,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/govIcon.2f477dc.gif","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/govIcon.2f477dc.gif HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:52 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]}],"data":{"size":179494,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"2b5a6bf0c06d479d7bfadf01da4c12c4","sha1":"90ec506668f460da674d6fce147bb70746c2d439","sha256":"5685a2051d95f5d86402009492b587bfffa5f7f2061081113f19cfb5a11696a1","sha512":"e64395a5e1fc2b02a3169d3345c90fa89b168e1873872f5c1883511f4542132fd866cc5813b345389fd0dd3ea54b7f26c09491f75444cde55528b3ab6c714ef0","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVc0moziypA5Euph80V3a7tqvFO5/nt9hjkRw4LqMUR58sA:I4OIdc0moDm38sl","tlshash":"6d049769a8b2143b9c37c6c981bc8b0c17d6f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.509309Z","last_seen":"2026-04-01T00:16:17.509309Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14517,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/assets/jquery.min.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/assets/jquery.min.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 27 Mar 2026 03:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 29178\r\ndate: Wed, 01 Apr 2026 00:15:37 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":85584,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators","md5":"bceabde9d4ba653fd1f4bb171bff0c01","sha1":"c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f","sha256":"7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5","sha512":"d55626e499791f1b6880df4c74ec8cbd5d0c0413a228c403259ac1d65b608c42ca5e473fcf1e0d24a7ae04156405ba46472fd0002573b1c9cbe61325fa0973d0","ssdeep":"1536:fYE1JVoiB9JqZdXXe2pD3PgoIiulrUn6Z6a4tfOR7WpfWBZPBJda4w9W3qG9a98E:u4J+rlfOhWpgCW6G9a98Hr4","tlshash":"1283c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-06-05T17:11:54.586403Z","times_seen":1376,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/20549e1.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/20549e1.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:50 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":179389,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"d5db2668c8563d9578849916fa715d4a","sha1":"52006833fa87782829d0dba95e6bb2871acc845d","sha256":"8ea702fa85e26c398888b4848097abfa8d6374cc5ac42c52bbea1e792035f62b","sha512":"dbec6f4aff6c4d4f2dea7dd50c002a17bbeb5cd973e33ef26f97fe329581adb1c4ce3289f1e72537e2fe72d9176b9d127ff258e721466dffe5802a37acd5986f","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVcgmoMiy0A5EuXh80V3a7tqvFO5/nt9hjkRw4LqMUR58sq:I4OIdcgmoJm3Os/","tlshash":"aa049769a8b2143b9c37c6c981bc8b0c17e6f105ca425a78b7fd137d67dade0358394a","first_seen":"2026-04-01T00:16:17.515038Z","last_seen":"2026-04-01T00:16:17.515038Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/no-data.343cdf8.png","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/no-data.343cdf8.png HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nset-cookie: d_user_session=1a7624a58d58d7b904b1a24a16f2bd88ee21adc8f8a225cbd9eb6a9ba230702e2243808162eefde1b8317326846bd07ea1e787d729777fab7e0bfcd94f6d9bde; path=/; secure\nd_user_session=168e8fb12e7290d398691f9b076a0a63b8efb2a9ac7e4b63eb99517426899fecfa3600ad88a4f30e9bd01dbaf6bb0fd37f755bc30b0c9f892ea9a601ac38a01b; path=/; secure\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:50 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":5530,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1396), with CRLF, LF line terminators","md5":"44f7178410a270ae69174be2ffbff8d0","sha1":"0282a0a02b88a82cfaf12528654ae91d23fe2819","sha256":"1da0aabf11b59d376dfd68e17722c2be9f988b2d81fc58baee5ed37c64242a6f","sha512":"4f06a267a6e2b2534fe91216dbe1816bed0b374e870c045f46f80cd57c38879b136d5e7e2aba98649e049e10a58feac77090564bd5a38bf65d203d526c713828","ssdeep":"96:YwgK1G/+EpZUtpslyvXqTXBpkjqc0rqYplRQ6B:YvcG/+EpmtYtpkjqZrqwRXB","tlshash":"fcb1b5b3b6598d255f9883b6c156310cc9b8a44bcb11dba1e0f95c3e2cda9e500e762f","first_seen":"2026-04-01T00:16:17.518062Z","last_seen":"2026-04-01T00:16:17.518062Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12825,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12818,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/4Y2M.png","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/4Y2M.png HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:50 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]}],"data":{"size":179369,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"9995c8a746654b1323d29cde5afe57b6","sha1":"fdda2b4e66b7bc1189fd6a806ffd0b37d2d61590","sha256":"f39bc4bb75d026990c492ace9703aedbbd696205d0ebf5b9cff049a8723fa919","sha512":"aaf45e1111a204a3a9ca868b26f38bbafc95602526c4d2f4751f97353e383624a4ffe64049c1df357bf9c96d758c7f08661b2a1efe5d0bff6c9b51152070d4f9","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVc+mouiyuA5Eunh80V3a7tqvFO5/nt9hjkRw4LqMUR58sO:I4OIdc+moNm3esT","tlshash":"0e049769a8b2143b9c37c6c981bc8b0c17d6f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.521012Z","last_seen":"2026-04-01T00:16:17.521012Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12821,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12814,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.sf-express.com/_nuxt/icons/icon_512x512.70e147.png","fqdn":"www.sf-express.com","domain":"sf-express.com","tld":"com"},"ip":{"addr":"148.153.240.77","port":443,"asn":63199,"as":"CDSC-AS1","country":"Jordan","country_code":"JO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:39.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sf-express.com","organization":"顺丰科技有限公司"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Wed, 09 Jul 2025 00:00:00 GMT","end":"Wed, 08 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:C6:88:A7:30:AD:A3:B5:64:3D:77:78:68:D8:8E:F0:84:AB:EC:8B","sha256":"0B:52:FF:29:56:DA:6F:42:A4:53:19:43:2E:33:94:53:D3:79:48:8F:AB:B9:DE:00:E0:5D:08:EE:E1:59:C4:68"}}},"request":{"raw":"GET /_nuxt/icons/icon_512x512.70e147.png HTTP/1.1\r\nHost: www.sf-express.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:15:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 60799\r\nConnection: keep-alive\r\nServer: openresty\r\nLast-Modified: Tue, 24 Mar 2026 04:51:20 GMT\r\nETag: W/\"ed7f-19d1e2ed940\"\r\nX-NG-VERSION: GREEN\r\nX-APISIX-Upstream-Status: 200\r\nX-CCDN-Expires: 86400\r\nvia: EU-GER-frankfurt-EDGE7-CACHE1[169],EU-GER-frankfurt-EDGE7-CACHE3[0,TCP_HIT,168],EU-GER-frankfurt-GLOBAL1-CACHE10[175],EU-GER-frankfurt-GLOBAL1-CACHE10[171,TCP_MISS,173],EA-SGP-GLOBAL1-CACHE23[3],EA-SGP-GLOBAL1-CACHE24[0,TCP_HIT,2],CHN-HElangfang-GLOBAL6-CACHE49[21],CHN-HElangfang-GLOBAL6-CACHE80[0,TCP_HIT,20]\r\nx-hcs-proxy-type: 1\r\nX-CCDN-CacheTTL: 86400\r\nnginx-hit: 1\r\nAge: 0\r\nCache-Control: public, max-age=31536000\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Apache APISIX","description":"Apache APISIX is an open-source, cloud-native API gateway developed by the Apache Software Foundation. It provides a scalable and high-performance solution for managing and securing API traffic.","website":"https://apisix.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*","icon":"Apache APISIX.svg","categories":["Web servers"]}],"data":{"size":60799,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"4203b6b4cbc1b7404dd19fda073b8583","sha1":"3994e20883776c0dd6c8e1939e250b2b60160c34","sha256":"77e049bcb4dfb2d6f7cba544c86fa19f9f31058a313e0ab2d2edf066cb4ff878","sha512":"8009a0b034b57c8d6d62b88114bca3396661a64a65b6f7c16a5cea0d487d91ef4b2e998c0813e95372a50e691720db9d3420f2de4a92c34f4d25cad494101120","ssdeep":"1536:EDN8xlk85425AEP16/hUTrWIssD4RcsKjUj:EDNZ77CGUvDDD4pKjUj","tlshash":"7a53e18e601afb5e91a8d17981635dbced38e901f2ffc2284f955747859b2e72048c1b","first_seen":"2024-10-21T13:03:05.061222Z","last_seen":"2026-05-30T04:25:07.304476Z","times_seen":749,"resource_available":false,"data":null}},"time_used":1168,"timings":{"blocked":-1,"dns":695,"connect":22,"send":0,"wait":195,"receive":31,"ssl":224},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/21d95c6.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/21d95c6.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:50 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]}],"data":{"size":179395,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"e1f96a159ccdc513f627ab645d1471b6","sha1":"ec5ec551298986a5333f57aa70d1651fd93587bb","sha256":"27baf12386c7a78085660e26c8fb9a3b2a067123eabb05ae47f88aa583828638","sha512":"d26a4403150930aaf0882c920bfe7f73f1a19c6c04ae6e895919773642496b2e5ca05a2dc1dc43cd111e9e97758fd37128faf61f21206bedb47877346140c517","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVcamociyUA5EuGh80V3a7tqvFO5/nt9hjkRw4LqMUR58s6:I4OIdcamoJm3fsf","tlshash":"6a049769a8b2143b9c37c2c981bc8b0c17e5f105ca425a78b7fd137da7dade0359394a","first_seen":"2026-04-01T00:16:17.527747Z","last_seen":"2026-04-01T00:16:17.527747Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13020,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13020,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/a93c6e2.js","fqdn":"kalaoffice.com","domain":"kalaoffice.com","tld":"com"},"ip":{"addr":"193.36.85.51","port":443,"asn":212552,"as":"BitCommand LLC","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/","date":"2026-04-01T00:15:37.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.kalaoffice.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 13:03:59 GMT","end":"Fri, 08 May 2026 13:03:58 GMT"},"fingerprint":{"sha1":"D9:77:F1:E6:D0:62:69:75:8A:C1:16:1A:5B:BB:67:61:A3:E0:82:A9","sha256":"2E:AB:C7:14:7A:AF:95:C9:4E:19:32:A4:7A:9E:D8:CD:54:8D:F3:BC:FD:E3:DC:06:24:70:81:C2:3C:AF:16:1C"}}},"request":{"raw":"GET /wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/Track%20\u0026%20Trace%20_%20Service\u0026Support%20_%20SF_files/a93c6e2.js HTTP/1.1\r\nHost: kalaoffice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kalaoffice.com/wp-content/uploads/e1mkgwi/nhewrzb/gvfqsnr/content/rebrandedchina/index.php?email=3mail@a.b.c0/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\npermissions-policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nlink: \u003chttps://kalaoffice.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Apr 2026 00:15:51 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Handlebars","description":"Handlebars is a JavaScript library used to create reusable webpage templates.","website":"https://handlebarsjs.com","common_platform_enumeration":"cpe:2.3:a:handlebars.js_project:handlebars.js:*:*:*:*:*:*:*:*","icon":"Handlebars.svg","categories":["JavaScript frameworks"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Yoast SEO:27.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Contact Form 7:6.1.2","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"WooCommerce:10.2.4","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"Twitter typeahead.js","description":"","website":"https://twitter.github.io/typeahead.js","common_platform_enumeration":"","icon":"Twitter typeahead.js.png","categories":["JavaScript libraries"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Slider Revolution:6.6.12","description":"Slider Revolution is a flexible and highly customisable slider.","website":"https://www.sliderrevolution.com","common_platform_enumeration":"","icon":"Slider Revolution.svg","categories":["Widgets","Photo galleries"]},{"name":"wpBakery","description":"WPBakery is a drag and drop visual page builder plugin for WordPress.","website":"https://wpbakery.com","common_platform_enumeration":"","icon":"wpBakery.svg","categories":["Page builders","WordPress plugins"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]}],"data":{"size":179395,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"23720502fe80b354ca61e3428f9088c8","sha1":"f773a31e47378077c43888f0ab7e8f61b5ebf608","sha256":"a57d94dec251884438632aa2ff0e7bac772333107e93d1b9db5285a4b27a8af3","sha512":"8860856c572196a1dbe679f1096bdeeecf5ffafae8aa8c8cf7a180a87d9572873558f2486c4e4db9f88546dee5e0d6ff32e8aca641d4804c230f896a3245a492","ssdeep":"3072:O1Yk1kqkeikvkuKk4FVcUmoJiyDA5Eu6h80V3a7tqvFO5/nt9hjkRw4LqMUR58s6:I4OIdcUmofm3bsX","tlshash":"ba049769a8b2143b9c37c6c981bc8b0c17d6f105ca425a78b7fd137da7dade0358394a","first_seen":"2026-04-01T00:16:17.533275Z","last_seen":"2026-04-01T00:16:17.533275Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13629,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13629,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"kalaoffice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}