{"report_id":"b474506f-9972-4d2c-b727-118875c8a758","version":6,"status":"done","tags":[],"date":"2026-01-10T09:28:03Z","url":{"schema":"http","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"title":"SKG","dom":{"size":19393,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ab5c70a58846c57eb085b0aec3cbe00e","sha1":"11a148f3174ee67e3af19f885dc0ab7953ffc651","sha256":"c8ad0642f680a73ac56bd55edd1ba2b16dd71f6a6b5fc16952eae56ae19d6c11","sha512":"5c31d75258254179eb548d79156efc782a44c927babe00773c40aa12b5efd7af0fc2c1ede7b579d960646bdc13ad0a00f29b752dcdb3e4d1069279eeb761ef68","ssdeep":"384:uooem+P5jEPfcWoG654lnBahtgAqxv6KIPZQ26ZZfNr9kEv:f1m+P5jEPfcWoxuxH20","tlshash":"7092b794bb0d282a42330591957b53d4107e4917aa13ccafbcbd1af9dfd0cb9415b7e8","dom_hash":"domhash21ad11424ed699af145a62ad01636019","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-14T09:28:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"dailycbthn.com","ip":{"addr":"13.250.158.234","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"domain_registered":"2025-12-30","domain_rank":0,"first_seen":"2026-01-10T09:28:04.369096Z","last_seen":"2026-01-10T09:28:04.369096Z","alert_count":0,"request_count":5,"received_data":3807,"sent_data":2711,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]},{"fqdn":"kk9898.com","ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2024-08-22","domain_rank":0,"first_seen":"2025-12-20T21:05:01.956666Z","last_seen":"2025-12-20T21:05:01.956666Z","alert_count":57,"request_count":19,"received_data":2106932,"sent_data":8192,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"f41adcc838991003077620205d3c3514","sha1":"4625bd06baad9304499ee1c3abcd8925576249bb","sha256":"4311e6c3ba871b2779aee6e394614237dfacad3943b6a11bc3994500fa13e9c5","sha512":"3cbd982e8d793fb6fe5b3eb104bc07ff9b25b50426199aaeee71cd02b7a16c13b526d158ce6ec8fd02e3ff00ee38a80059a4c3885fb53196174c86fdb02fdec3","ssdeep":"","tlshash":"82f0f6d1930ce8e6ab339edf446d7381c97d4451653fb8fea0422de8d4d8434070e942","size":577,"data":"","first_seen":"2025-12-20T21:05:10.60886Z","last_seen":"2026-01-10T09:28:12.973713Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa27486c7b9f23d2237fcc04fc4cfb59","sha1":"a599a3af62fbebff44d5dabe9d21e10278c71566","sha256":"e2f68215c3b0f7776aad8e606362cfd7b574a43bd2aaf76abccb94b888aa87c8","sha512":"807c6a017fff747f0087b7a280eb4569b8160f248e3f34f39d1146419995b3c613ec53687dcde687d91e23e1965ca4d15e3ee9d3083c7b42beaf291a6cf8b5a7","ssdeep":"","tlshash":"5e31109eba993435c277b969890725507274e5877c10ecacfc8c03eb4f8822aa25378c","size":1798,"data":"","first_seen":"2025-10-26T12:04:14.103424Z","last_seen":"2026-02-14T23:02:30.943198Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"eval","is_inline":false,"md5":"4b88e37e5fd7947cc6f3510df6138ef7","sha1":"e2b831aa2c99cbc710d0ec2cd4bd3ac5af3aec4b","sha256":"f81f805b8e07a68d9de172cec6e1e677380bbae90b91f948bf8b3756cbb9ecfa","sha512":"f1e6de271a1b8eb84395fa14b05e553931d933a97b65d3f5d73b993fc72028d1ee319eef9c5b83ba2340397557216c452847c479a32e8f2bb9c64795109d7050","ssdeep":"","tlshash":"0e21206c2cf1e52292fe143aa63bd65d7aa001476253e54495cecc2c7d28fd90cabe8c","size":1113,"data":"","first_seen":"2025-12-20T21:05:10.592577Z","last_seen":"2026-01-10T09:28:12.95645Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"53616573d9b1ebfecc4c0aa6ad21bc72","sha1":"81d9cd040287c36c714d9706fcb68830d8b1e691","sha256":"07efd912917f628cab4281bcb5c6c9e043096adf8931d9bc61d073426e290381","sha512":"02ea3dfe681958acb933f46b47b3d8ebbad3132d9d34a6132a87a2577b3e46c32fa71c4fedeb7d423c0abbcc735ea0981ac45cd0129142ce69dfd9226a0a35a1","ssdeep":"","tlshash":"03f0a39d3c56b05737f97774c2278a6f3355070075836524c746cc7478548961c96d4d","size":443,"data":"","first_seen":"2025-12-20T21:05:10.60968Z","last_seen":"2026-01-10T09:28:12.975427Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/js/fakeloading.js","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"92b00df82de0a518ae7acdd85bbf65fc","sha1":"dc2013281be06839d1ff3e82598dc39e310aed8f","sha256":"5e817c701ed5be4866967b3561860b1739d60d9bd43e07bbcb5ffab351b7aca3","sha512":"2a8f4663a8fd3d5dbaf11fa4afb3faa21bd0f78be19144cd046118b10707be4ab37d7b2a68d0634fed982494d9e8d55c65fd2ba721ed8f5f2ccd954d4bcd102a","ssdeep":"96:amP1VmMRfaOx7wsXUdJMyaPxQwlMpPmQmaU2zF/Ms7jq5YpH:amTmOfP5jEPfcWoMpPmQDUKwYpH","tlshash":"37910fa4bf1d1590d39781d356bb2380213e44939c668cfffc6e21a84fc186a8287fa5","size":4566,"data":"","first_seen":"2025-10-26T12:04:14.081808Z","last_seen":"2026-02-14T23:02:30.918079Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/js/jquery.min.js","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"f832e36068ab203a3f89b1795480d0d7","sha1":"2115753ca5fb7032aec498db7bb5dca624dbe6be","sha256":"4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf","sha512":"b9dbc08c984ae3c7fd44822ec2e9a22cb8cf7da55fa3975dbbdc3f18fd7e7a7793e8d93604826574e3dd6a4f982d7af4f96c1af5e10d847b8394a34a82c398ba","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:ygZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"b28319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88144,"data":"","first_seen":"2023-03-07T01:24:01Z","last_seen":"2026-04-11T12:46:20.954474Z","times_seen":10560,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/js/swiper.min.js","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"06b841d117ab49f48e5e35d824857301","sha1":"1e25275a47d95d8f83cace2ae8ae75ec74cd8cff","sha256":"df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c","sha512":"0f36457c5cc2f76581421a49d3337a25445653d9679d6c1ecc0dad098bd83dcc9b1d455c1027eda18bcf76a494cca5f369c324d6805d9a7d69f261536038f93e","ssdeep":"1536:xApNsiJ532VXrtnTN0K8V7wluJTryZjk5PuFzLlvp0XvH7WcWUwcPqYbsE8EtObb:nVXrfX67F2mgLlufH7WcWUwcPquzab","tlshash":"07c31849b35071d551e72256539ed601a3b62805b90ac1a831b2dcdbacbde8c03bfefd","size":124740,"data":"","first_seen":"2023-03-07T13:51:26Z","last_seen":"2026-04-10T08:47:53.25992Z","times_seen":764,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"5601a03dec32b63981e13608dfcc0948","sha1":"434f47efd9d19fedbbea90bed0a68fccd34d75ac","sha256":"996fff252c31bf2cb9d1b4975ffb512735c93bda87983faaa50bfc8e5c0e1a26","sha512":"b2fee436fd793028a404a50f3f2ffa30d222f8558c567d23d843535d5a93ce51d51a813ec874bd746a7e222d2ad0dae0c65570c5208940b4c0574e91d1c0c695","ssdeep":"192:rLNN4Ho2sQ26A0h3f9byPM9TpEW4AhTKE5ef:rZQ26ZZfNr9kE6","tlshash":"c8e1a7aeb6a92035d563311c9b2f20883475645b6c05cc1ebc0cbee94f60d7b92a77ec","size":6777,"data":"","first_seen":"2026-01-10T09:28:12.976242Z","last_seen":"2026-01-10T09:28:12.976242Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kk9898.com/css/bootstrap.min.css","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /css/bootstrap.min.css HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 122497\r\nLast-Modified: Mon, 10 Feb 2025 01:56:20 GMT\r\nConnection: keep-alive\r\nETag: \"67a95cc4-1de81\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":122497,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65371)","md5":"06dae07748708c49cead618b75983bd6","sha1":"416f9d50cdb5854a1c6d4b68fa6b1bf485281ed4","sha256":"a21914fc6c19d410f948dcfa2986518a29cbfb0a12fbb7b3ceebbc57798fb8d6","sha512":"e7d9078a807bdb4dc8e97d1a838bff373a22a71276afe28fe046f06a2dabe744a283747f4de0dde34acb22f775ab2aeda07ce3b158c16965c4cd54bb7856550e","ssdeep":"768:ayPGxw/jc/YWlJxtQZIuiHlnTmUI4I8OAduFKbv2ctm2Bm8JP5eckOvS1Fs:Uw/otwIuiHlnTmT8lDbzzP9x","tlshash":"d2c3d7a0f11031ea7323c55a71d0ed872259a153e56a4eb7f22f25d88f886cb1773f1a","first_seen":"2025-12-20T21:05:10.589937Z","last_seen":"2026-01-10T09:28:12.949526Z","times_seen":2,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":508,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/top-1.webp","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/top-1.webp HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 147910\r\nLast-Modified: Mon, 10 Feb 2025 01:56:20 GMT\r\nConnection: keep-alive\r\nETag: \"67a95cc4-241c6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147910,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9455140b880d3510cd7c4fc48bfd0015","sha1":"44ec3b88f9c4859887053b23190b35aa90531ecc","sha256":"b39a750a3d8196b4a7447fc6bdc93dac9e348da7992f57374bad3f59166f9ef0","sha512":"0a4cbe990ee6f28ec2a8c0ca00d1e53faa1a1d1181995dc7da96ee8fdc544667720f2b5ba5bf6b58f10a6060235d5eef06cb4e2f2186a0e541f3330a89aac3e7","ssdeep":"3072:+0VOpZIsejMPF128+kbut65LymtwoDBJ1IabiUNvhaIwVWQbrsmQS38KlSU2:+0VOzIYFckbW6BZd7mQvhaBfXWT","tlshash":"e0e323eada7c9b99d45785490b8d33ab24691f1247ff17fed41c8038138ce9841afab4","first_seen":"2025-12-20T21:05:10.604825Z","last_seen":"2026-01-10T09:28:12.951617Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2871,"timings":{"blocked":1838,"dns":0,"connect":0,"send":0,"wait":511,"receive":522,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/1.webp","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/1.webp HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 126010\r\nLast-Modified: Mon, 10 Feb 2025 07:10:40 GMT\r\nConnection: keep-alive\r\nETag: \"67a9a670-1ec3a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":126010,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7525ceb7bbbb240219900837523abf89","sha1":"100fc170d1d810bd0e7b96072879b3f15f0b16be","sha256":"6ba3e4b63122d9c876cca7b1e91310e8c5ae2bd129370f18b0ca180f1f669c9b","sha512":"4d1bd0b5c7cc608b89fb9c1c04a0bc8faeb67b816c5c93cb6beaeb71c1cd11ffbd49fc4c1360da5b9fddc3856829dc3a5dd8cbb3dbb12aa7db9699149eb42867","ssdeep":"3072:f8ohc5rg6MpwGQEdTJrc14AA2ufSgxfs3ouxs5qHQd3Ovfi:LcdgHQouytxfs3fs5Fgi","tlshash":"edc312a0713e8f973c3ee502c9de0c7ecd76642ea5880177bd28f260c5b64196175bab","first_seen":"2025-10-26T12:04:14.092335Z","last_seen":"2026-01-10T09:28:12.953206Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3157,"timings":{"blocked":2639,"dns":0,"connect":0,"send":0,"wait":257,"receive":261,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/2.webp","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/2.webp HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 84092\r\nLast-Modified: Mon, 10 Feb 2025 07:10:40 GMT\r\nConnection: keep-alive\r\nETag: \"67a9a670-1487c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84092,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e760c26dea5a209e3cf27f5d30c155ab","sha1":"c35c3fc05bbb9b0d6aada9399e3b37a9835b010c","sha256":"c267c495081f4a9383706557efbe985d07351c29dd2702fed08d75aae32f13cc","sha512":"a885e5d8af03f15ba9c001cbccc47aa4ed6c5a5b73a1b4f91f841300b8f5bdfbc0d46fd0551cf10a2b43c901af79c6b6a66f0aa84d84b598fa8e438fc7e8ee3c","ssdeep":"1536:j/rTqumvkG8zs/NXWV4BgvWllAf9iiP7izkWGwK+8/9Sswvn4rspRirSfmVs:OVc1zs/kOBgvWjAf9iYiU+UScrsfz6s","tlshash":"e38302405f2a3a7ac48f8ad06f887e449416993de65cb6f3d072a714726780b0ed99f2","first_seen":"2025-10-26T12:04:14.080376Z","last_seen":"2026-01-10T09:28:12.954674Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2338,"timings":{"blocked":1830,"dns":0,"connect":0,"send":0,"wait":253,"receive":255,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/js/swiper.min.js","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /js/swiper.min.js HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 124740\r\nLast-Modified: Mon, 10 Feb 2025 01:56:20 GMT\r\nConnection: keep-alive\r\nETag: \"67a95cc4-1e744\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124740,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65271)","md5":"06b841d117ab49f48e5e35d824857301","sha1":"1e25275a47d95d8f83cace2ae8ae75ec74cd8cff","sha256":"df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c","sha512":"0f36457c5cc2f76581421a49d3337a25445653d9679d6c1ecc0dad098bd83dcc9b1d455c1027eda18bcf76a494cca5f369c324d6805d9a7d69f261536038f93e","ssdeep":"1536:xApNsiJ532VXrtnTN0K8V7wluJTryZjk5PuFzLlvp0XvH7WcWUwcPqYbsE8EtObb:nVXrfX67F2mgLlufH7WcWUwcPquzab","tlshash":"07c31849b35071d551e72256539ed601a3b62805b90ac1a831b2dcdbacbde8c03bfefd","first_seen":"2023-03-07T13:51:26Z","last_seen":"2026-04-10T08:47:53.25992Z","times_seen":764,"resource_available":true,"data":null}},"time_used":2090,"timings":{"blocked":505,"dns":0,"connect":262,"send":0,"wait":524,"receive":527,"ssl":269},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dailycbthn.com/ysapi/Record/GetDomainScript?d=kk9898.com","fqdn":"dailycbthn.com","domain":"dailycbthn.com","tld":"com"},"ip":{"addr":"13.250.158.234","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:44.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dailycbthn.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 01:21:37 GMT","end":"Tue, 31 Mar 2026 01:21:36 GMT"},"fingerprint":{"sha1":"7B:E4:6B:C7:E4:77:44:E4:F6:C5:58:62:4B:0B:03:9F:31:CB:81:0E","sha256":"9C:BF:45:07:7D:15:D7:1C:86:30:41:EC:92:24:4E:52:2E:F6:2A:6A:6A:39:94:4A:99:2A:70:3C:C8:7A:C4:CE"}}},"request":{"raw":"GET /ysapi/Record/GetDomainScript?d=kk9898.com HTTP/1.1\r\nHost: dailycbthn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=utf-8\r\nOrigin: https://kk9898.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-CSRF-TOKEN,X-TZ\r\nAccess-Control-Allow-Headers: X-CSRF-TOKEN,X-TZ, Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Allow-Headers,Access-Control-Allow-Methods, Authorization,Origin, x-requested-with, Content-Type, Content-Range, Content-Disposition, Content-Description\r\nAccess-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS\r\nX-Powered-By: ASP.NET\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1113,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"4b88e37e5fd7947cc6f3510df6138ef7","sha1":"e2b831aa2c99cbc710d0ec2cd4bd3ac5af3aec4b","sha256":"f81f805b8e07a68d9de172cec6e1e677380bbae90b91f948bf8b3756cbb9ecfa","sha512":"f1e6de271a1b8eb84395fa14b05e553931d933a97b65d3f5d73b993fc72028d1ee319eef9c5b83ba2340397557216c452847c479a32e8f2bb9c64795109d7050","ssdeep":"","tlshash":"0e21206c2cf1e52292fe143aa63bd65d7aa001476253e54495cecc2c7d28fd90cabe8c","first_seen":"2025-12-20T21:05:10.592577Z","last_seen":"2026-01-10T09:28:12.95645Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1529,"timings":{"blocked":636,"dns":113,"connect":253,"send":0,"wait":255,"receive":0,"ssl":269},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dailycbthn.com/ysapi/Record/GetAgencyByDomain?d=kk9898.com","fqdn":"dailycbthn.com","domain":"dailycbthn.com","tld":"com"},"ip":{"addr":"13.250.158.234","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:44.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dailycbthn.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 01:21:37 GMT","end":"Tue, 31 Mar 2026 01:21:36 GMT"},"fingerprint":{"sha1":"7B:E4:6B:C7:E4:77:44:E4:F6:C5:58:62:4B:0B:03:9F:31:CB:81:0E","sha256":"9C:BF:45:07:7D:15:D7:1C:86:30:41:EC:92:24:4E:52:2E:F6:2A:6A:6A:39:94:4A:99:2A:70:3C:C8:7A:C4:CE"}}},"request":{"raw":"OPTIONS /ysapi/Record/GetAgencyByDomain?d=kk9898.com HTTP/1.1\r\nHost: dailycbthn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kk9898.com/\r\nOrigin: https://kk9898.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.25.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-CSRF-TOKEN,X-TZ\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: GET\r\nX-Powered-By: ASP.NET\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.25.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":1528,"timings":{"blocked":622,"dns":113,"connect":257,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/logo.png","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:45.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/logo.png HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 27906\r\nLast-Modified: Wed, 23 Apr 2025 03:32:57 GMT\r\nConnection: keep-alive\r\nETag: \"68085f69-6d02\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27906,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"a6eb3970d047e9879d3ae2c4711232cf","sha1":"7083c1cbb678620764d2f5bdffbc20fc6528a444","sha256":"c7866f432ecbfed96a09b0becd339325b3e8cc81a565ff57752b7be10d1925b3","sha512":"7e3c377c642a905e988ce8d1a094cf924f27583fcb229b8c1a0cf4553e5bc9ddda754c1dd9ae94b1f6ca0639aadd0f5ddac7ec7875771939a05478180ea249da","ssdeep":"384:Fscoe9kQS512i4NnJfHYYlF7+5mMYtCWs4FTwz7QRHrbe/JxTi:d3W8V4YltCpYIWsGLbiJJi","tlshash":"59c2e129471b87ad51b7506bd7802ae43317c8908fbcaca3799fc54396a03f49de96c2","first_seen":"2025-12-20T21:05:10.602447Z","last_seen":"2026-01-10T09:28:12.958698Z","times_seen":2,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/top-header.webp?v=5","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/top-header.webp?v=5 HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 347262\r\nLast-Modified: Wed, 23 Apr 2025 03:32:57 GMT\r\nConnection: keep-alive\r\nETag: \"68085f69-54c7e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":347262,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cac4dc63ccebfd322788c18e24410a6a","sha1":"eb10c01a8abff12753fb6ef03d7480d8ec4ef54b","sha256":"e5a43a670484382c6bcac62b66a69f995b9eefbe8e4b4c1004d4b9a7a0bf05d5","sha512":"d9ae919cd28c68af440f852b235201ce75ceeed682a1da77c2b6134f625e25915755ed1247af07acba41fbc95436475668c4d2ebf98430c2ef68418ec8ee44ce","ssdeep":"6144:XmjoWJ+Izztz6uDtMcjXiu0RRJ1Ksfy+2k8Ik/EG/w1EqXtDfdkhW/bpmoICN9nE:WsWwopz6uKKiu0rxKk2Qr+eEUnk562","tlshash":"7e74233a18c18e2a4209c82deb2cd28f94d16e69ab4d7c12651dc4150712bffee5fdce","first_seen":"2025-12-20T21:05:10.60406Z","last_seen":"2026-01-10T09:28:12.960072Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5142,"timings":{"blocked":1842,"dns":0,"connect":288,"send":0,"wait":563,"receive":881,"ssl":283},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/tts2.webp?v=1","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/tts2.webp?v=1 HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 61794\r\nLast-Modified: Mon, 10 Feb 2025 07:10:40 GMT\r\nConnection: keep-alive\r\nETag: \"67a9a670-f162\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61794,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4af540b5a8a43b8a60dea54ee724cacd","sha1":"1ec557b772d1a59c5b738492065454835ddf06c2","sha256":"d85e87d6044ba3209394d26c262c94e43dbadc0b500555cb80f30d0b18c649f4","sha512":"a99a3b8d23c30f49c9b9a4a26d193f506e105fae27033f5e31e3d3b3fb01cb0cf183d08131346632fe8c473bbf8a4e59e82422c9c262ec5904041264654c3416","ssdeep":"1536:v3lUc9G64vZfvEpoEK7RWpTyh74KDLQjA/EKj4Mg6:/S6sUdK7RiTk7bwjAHg6","tlshash":"a25302b4cb609a16efd4a1b760a916a683719ccfb92fdf5dc1981347940a44c06efc38","first_seen":"2025-12-20T21:05:10.598462Z","last_seen":"2026-01-10T09:28:12.961052Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3115,"timings":{"blocked":2608,"dns":0,"connect":0,"send":0,"wait":253,"receive":254,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/tts3.webp?v=1","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/tts3.webp?v=1 HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 46046\r\nLast-Modified: Mon, 10 Feb 2025 07:10:40 GMT\r\nConnection: keep-alive\r\nETag: \"67a9a670-b3de\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46046,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1c8147d1b68da07502a0141824632699","sha1":"70aeb0181f0d64654ac5aced6e2623dd40f2c1cb","sha256":"6c4c1cd079754a1135d124d3f9b1fc2f955758650bda65181ebb69931463fc5b","sha512":"fe006125a12dbb89e02bd0f9cc629494751bed9cef0736e26bd6e857a4d0c8d71d9f57089ce19ea97fbf0641a2bb9ebe11f1d86fc7df4a4af508e842d2e4f321","ssdeep":"768:6uTgm2ENW1yKXO7F7eqgMo4auHRM+YJ7uKutdPBWk5f3QrJc86buOfTItX2Oi8:bTgmPNSPApEMfauxautdPokt3Q92umIf","tlshash":"dd23f1c38436dd50d286859bfc06caca6db3b41315a6e8034ef668649eecbad4ed8070","first_seen":"2025-12-20T21:05:10.594541Z","last_seen":"2026-01-10T09:28:12.962042Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2867,"timings":{"blocked":2608,"dns":0,"connect":0,"send":0,"wait":258,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/3.webp","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/3.webp HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 132652\r\nLast-Modified: Mon, 10 Feb 2025 07:10:40 GMT\r\nConnection: keep-alive\r\nETag: \"67a9a670-2062c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":132652,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ad97e5f202ebfce0124b063774f7b6a1","sha1":"c9a580465daf0df579152d4883b4a9877fef7660","sha256":"aee28a88f693a8cf9e25987b6dfd619041bdcf6e2ced86c5a75b46c3e1e6259e","sha512":"cce9cb1ba3cadc6ba133374ebcf4639ee3a97aae7edd17da85ce82482a129606b54b65f054b18307c82ead7cd71ae0e337815ab49b25d84cc6170ea675e4ce5d","ssdeep":"3072:Ldf6L151kvPALZhqjTy8Spx+sQx8bAO31Vb5ClmXs0vvG6:Ldf6dk3Tqd6sQxgNbYlS","tlshash":"81d312103a7578d96144565228c742b6f8dea81b372322476b7f23e5422abdcf72c42f","first_seen":"2025-10-26T12:04:14.094402Z","last_seen":"2026-01-10T09:28:12.963043Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2347,"timings":{"blocked":1828,"dns":0,"connect":0,"send":0,"wait":255,"receive":264,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dailycbthn.com/ysapi/Record/GetAgencyByDomain?d=kk9898.com","fqdn":"dailycbthn.com","domain":"dailycbthn.com","tld":"com"},"ip":{"addr":"13.250.158.234","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:45.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dailycbthn.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 01:21:37 GMT","end":"Tue, 31 Mar 2026 01:21:36 GMT"},"fingerprint":{"sha1":"7B:E4:6B:C7:E4:77:44:E4:F6:C5:58:62:4B:0B:03:9F:31:CB:81:0E","sha256":"9C:BF:45:07:7D:15:D7:1C:86:30:41:EC:92:24:4E:52:2E:F6:2A:6A:6A:39:94:4A:99:2A:70:3C:C8:7A:C4:CE"}}},"request":{"raw":"GET /ysapi/Record/GetAgencyByDomain?d=kk9898.com HTTP/1.1\r\nHost: dailycbthn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nOrigin: https://kk9898.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 137\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-CSRF-TOKEN,X-TZ\r\nAccess-Control-Allow-Headers: X-CSRF-TOKEN,X-TZ, Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Allow-Headers,Access-Control-Allow-Methods, Authorization,Origin, x-requested-with, Content-Type, Content-Range, Content-Disposition, Content-Description\r\nAccess-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS\r\nX-Powered-By: ASP.NET\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":137,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"960777c2036b4747ef283105414e8bb9","sha1":"bd96ab0ea8425ff54b9018f6a8ea8ac62d36445a","sha256":"11a7f03e6db0f4c3d1310b74125f6ad5b7be25529b46f8634a25de2a64a3d064","sha512":"affe58a562b2ce5d7563ade64019d1eb107afddaf44c4f915dd7b00cde74b0e88ee65c1d5d664f3b5350d5ae4fa1a31b964f412eb8062429738ba833bdc3ae43","ssdeep":"","tlshash":"dfc02b11442c594f6ec00040360b3f000a6cf0430c102f94c5ac8f2244da2704204000","first_seen":"2025-12-20T21:05:10.588729Z","last_seen":"2026-01-10T09:28:12.964037Z","times_seen":2,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dailycbthn.com/ysapi/Record/InsertWebAccessLog","fqdn":"dailycbthn.com","domain":"dailycbthn.com","tld":"com"},"ip":{"addr":"13.250.158.234","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:45.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dailycbthn.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 01:21:37 GMT","end":"Tue, 31 Mar 2026 01:21:36 GMT"},"fingerprint":{"sha1":"7B:E4:6B:C7:E4:77:44:E4:F6:C5:58:62:4B:0B:03:9F:31:CB:81:0E","sha256":"9C:BF:45:07:7D:15:D7:1C:86:30:41:EC:92:24:4E:52:2E:F6:2A:6A:6A:39:94:4A:99:2A:70:3C:C8:7A:C4:CE"}}},"request":{"raw":"OPTIONS /ysapi/Record/InsertWebAccessLog HTTP/1.1\r\nHost: dailycbthn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kk9898.com/\r\nOrigin: https://kk9898.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.25.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-CSRF-TOKEN,X-TZ\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: POST\r\nX-Powered-By: ASP.NET\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.25.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/js/jquery.min.js","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /js/jquery.min.js HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 88144\r\nLast-Modified: Mon, 10 Feb 2025 01:56:20 GMT\r\nConnection: keep-alive\r\nETag: \"67a95cc4-15850\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88144,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"f832e36068ab203a3f89b1795480d0d7","sha1":"2115753ca5fb7032aec498db7bb5dca624dbe6be","sha256":"4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf","sha512":"b9dbc08c984ae3c7fd44822ec2e9a22cb8cf7da55fa3975dbbdc3f18fd7e7a7793e8d93604826574e3dd6a4f982d7af4f96c1af5e10d847b8394a34a82c398ba","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:ygZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"b28319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:24:01Z","last_seen":"2026-04-11T12:46:20.954474Z","times_seen":10560,"resource_available":true,"data":null}},"time_used":2358,"timings":{"blocked":503,"dns":1,"connect":253,"send":0,"wait":507,"receive":832,"ssl":258},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/tts1.webp?v=1","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/tts1.webp?v=1 HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 54728\r\nLast-Modified: Mon, 10 Feb 2025 07:10:40 GMT\r\nConnection: keep-alive\r\nETag: \"67a9a670-d5c8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54728,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8d7479dde05bfbe9d87e63f5cd7ab9e6","sha1":"7e04528e1a3dd42cee05ed3ae92a13ad5f60e405","sha256":"e6ddd1b7450d70a9e3a8b6444ce831efb2ebc5e8f66206484bf0b8044ed0d7f7","sha512":"2eb2d19b769288852ed13e0a9c13c938768255719521cd467ea0d66cebef075d0f1f1f70e16eff5a8ac8467fc906f8605e4f95d9f6caba538497c544665f25de","ssdeep":"1536:CLD9NAFYyEYfIzV1WAPCXE6YXtvYmVKtpiNWxc:YB2FYUfIZ1pPsIXJYyKt8","tlshash":"ae330243d4b0a95ac60f017ad16e364007651db4e3be2cbfe5e6476ee4ba010472bb19","first_seen":"2025-12-20T21:05:10.6056Z","last_seen":"2026-01-10T09:28:12.965724Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2610,"timings":{"blocked":1837,"dns":0,"connect":0,"send":0,"wait":514,"receive":259,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/bottom.gif?v=2","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/bottom.gif?v=2 HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:45 GMT\r\nContent-Type: image/gif\r\nContent-Length: 215812\r\nLast-Modified: Wed, 23 Apr 2025 03:32:57 GMT\r\nConnection: keep-alive\r\nETag: \"68085f69-34b04\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":215812,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 720 x 133","md5":"d303bd4f36e012ccd900ab31cb467a23","sha1":"dc02815f812abcb0c849f94523ac789f85d63e89","sha256":"18298e806423f7d28fe08c4e81f4f063fbc05ebfcb8ddbf8b06fdf9e9de7c57b","sha512":"c7ccb2c48995481b78dba3e9860b66df3fca320cc05889d9fb1ff618b8a5ad68c2b05c0a7fc2de7ecf185171ff0d547c3229dee7743958008ba68d3d0b430a48","ssdeep":"6144:tnqzyxLy/lsfVNJUF1LQasMz091wOZkPO6D3Kk:t6KydC7SrQasEO+a6DF","tlshash":"822423cdfa625176e509102d87edda1acfcf287d9afc9d1016c37f93180e52ae4109da","first_seen":"2025-12-20T21:05:10.606324Z","last_seen":"2026-01-10T09:28:12.966673Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3375,"timings":{"blocked":2860,"dns":0,"connect":0,"send":0,"wait":253,"receive":262,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/ttsbox.webp","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:44.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/ttsbox.webp HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 46386\r\nLast-Modified: Mon, 10 Feb 2025 01:56:20 GMT\r\nConnection: keep-alive\r\nETag: \"67a95cc4-b532\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46386,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2d1183e9d2bd6877bd9ee22cbb3e26a4","sha1":"8d34f2ef9b500e5870e8b872119da23380ff6bf9","sha256":"479222a5dfe3a2a7585dde45d4d3dfb9b947dc065d53f10c377173986ac253b2","sha512":"8cb3f32df8202d409ecb94b316c63b7a7f7987dffa7328f7ab626551a9fc5813fb90cff23c208629096883f612da95013a3e1415b236b49437c1877f03c014d6","ssdeep":"768:UvJ7W/hNQzr1DHzA8sfHkgxeFLApJKQPR2AWUaS+MQnjnjJSpy+q5SmA2IOV6rV:UR7mhNkr1DzylxeFkL2AWUaSHQjNQq5W","tlshash":"cd23f17bcd9965a0d82c936bc66cee5909008e4d7f25031cfeba4f6e9c593b091c848e","first_seen":"2025-12-20T21:05:10.601615Z","last_seen":"2026-01-10T09:28:12.967654Z","times_seen":2,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":501,"receive":255,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/btsbox.webp","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:44.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/btsbox.webp HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 68126\r\nLast-Modified: Mon, 10 Feb 2025 01:56:20 GMT\r\nConnection: keep-alive\r\nETag: \"67a95cc4-10a1e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68126,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bdb07aae55c0779c2e5eee4ab6b1d6bf","sha1":"dabbd9405bc4c7343585d17f33b52f66a28957eb","sha256":"d1d53dea477ab14a888c2eb065d68865e2b1a1404d378d0c6b075cfeec327e2a","sha512":"da5f4ada027a2248d18a64c48472834e05149b3fa870201f9fda8504e243631159e154b17534b18fb4395db5a07458c689710bbf2aaf24cd93038b39a9b68221","ssdeep":"1536:cKWFJOa8XEvBrT6hLn4ykJ5Nn8QxuqAnZqkb9hxF1y3Zv:cKWnOaXPykJ5Nn9x8zhZmZv","tlshash":"cc63f2d79730949af47490be6c62982fe700a57da725e3b406e603b06e2d0effb91446","first_seen":"2025-12-20T21:05:10.607152Z","last_seen":"2026-01-10T09:28:12.968609Z","times_seen":2,"resource_available":false,"data":null}},"time_used":723,"timings":{"blocked":467,"dns":0,"connect":0,"send":0,"wait":254,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dailycbthn.com/ysapi/Record/InsertWebAccessLog","fqdn":"dailycbthn.com","domain":"dailycbthn.com","tld":"com"},"ip":{"addr":"13.250.158.234","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:45.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dailycbthn.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 01:21:37 GMT","end":"Tue, 31 Mar 2026 01:21:36 GMT"},"fingerprint":{"sha1":"7B:E4:6B:C7:E4:77:44:E4:F6:C5:58:62:4B:0B:03:9F:31:CB:81:0E","sha256":"9C:BF:45:07:7D:15:D7:1C:86:30:41:EC:92:24:4E:52:2E:F6:2A:6A:6A:39:94:4A:99:2A:70:3C:C8:7A:C4:CE"}}},"request":{"raw":"POST /ysapi/Record/InsertWebAccessLog HTTP/1.1\r\nHost: dailycbthn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 89\r\nOrigin: https://kk9898.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":89,"data":"{\"agent\":\"k000a\",\"url\":\"https://kk9898.com/%%https://kk9898.com/\",\"access_type\":\"ACCESS\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 134\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: X-CSRF-TOKEN,X-TZ\r\nAccess-Control-Allow-Headers: X-CSRF-TOKEN,X-TZ, Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Allow-Headers,Access-Control-Allow-Methods, Authorization,Origin, x-requested-with, Content-Type, Content-Range, Content-Disposition, Content-Description\r\nAccess-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS\r\nX-Powered-By: ASP.NET\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":134,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4ee19d9286dc8816aa6b0322609a46be","sha1":"0b7e1bf18acd85a4ca092be3bd5b474e64a10a93","sha256":"8da999d4ee606d57442200ec791a026968e664aabc8079eff6d670512daf6841","sha512":"06aa0826a7d26bbd6c2693f2aa6b270c614b2fc77b9322f040b18e23caa4e2ee710f161b040fc2cabfda7cf1fe4adcc0347bae8b90c37f002ecd1ceb0eef6836","ssdeep":"","tlshash":"7dc092659829ae5f6ec150802a0b3f000aadf4971c645fa8d6ac9f2298ea6b08609514","first_seen":"2024-09-20T21:35:53.010299Z","last_seen":"2026-03-17T09:10:36.044966Z","times_seen":31,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-10T09:27:40.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:41 GMT\r\nContent-Type: text/html\r\nContent-Length: 12307\r\nLast-Modified: Wed, 31 Dec 2025 02:48:19 GMT\r\nConnection: keep-alive\r\nETag: \"69548ef3-3013\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":12307,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"6f99e3629ae7fe928b5371999be994da","sha1":"0a1270b063e71cfd958d802f08b101690420f0de","sha256":"83ba1b55dc0d153ef5f9977b611fa9905dbc4e42794afb9104823436eb33a573","sha512":"e1cfe2b178dea543c617dcdca1cd633554a53f391ac568e0dab3fe960db025ddeb90bf31b1ac9b63740cdbe1a9f986eb35a9dffa3bbb0a14c57f52bdbff923ac","ssdeep":"192:g+jIhkyHuJOojz9nJrn47nMXVsANwzLNN4Ho2sQ26A0h3f9byPM9TpEW4AhTKE59:7oojJnBn47nMXV4ZQ26ZZfNr9kEQM","tlshash":"94420795a74d183a522314589a3f22c8247e481b6913cc6afc7d6db99fd0db9802b2ec","first_seen":"2026-01-10T09:28:12.970389Z","last_seen":"2026-01-10T09:28:12.970389Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2275,"timings":{"blocked":883,"dns":362,"connect":253,"send":0,"wait":507,"receive":1,"ssl":265},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/css/swiper.min.css","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /css/swiper.min.css HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 19512\r\nLast-Modified: Mon, 10 Feb 2025 01:56:20 GMT\r\nConnection: keep-alive\r\nETag: \"67a95cc4-4c38\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19512,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19512), with no line terminators","md5":"703a5ce3da9e49a5142901060c4ce055","sha1":"a079b0597033a9853cfff6729b4716658e33e588","sha256":"de4816cdb5a9455b3ef99c43778811a4694ea3f2c70aa275d7b2d4de0175190c","sha512":"7e9d0eabcc784b617329788b540fc9f6304d295771275d04625a0fb0a3712c471f002ea915e59c9d33a355af210c306be7ed05c98083fc9df0efc5be81700a6e","ssdeep":"192:haNf/lSSyJWCh8zfi5o/mXDN3eBxwdJ5c:ha1/lS0Cifi5o/mXOGJ5c","tlshash":"8092512c17003057e6330f1a87d99778c725c9939e8358ef6250ee48c7bb96932af766","first_seen":"2023-04-09T14:59:17Z","last_seen":"2026-04-05T20:56:31.417029Z","times_seen":161,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/imgs/top-btndown.gif?v=2","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /imgs/top-btndown.gif?v=2 HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:44 GMT\r\nContent-Type: image/gif\r\nContent-Length: 371798\r\nLast-Modified: Mon, 10 Feb 2025 07:10:40 GMT\r\nConnection: keep-alive\r\nETag: \"67a9a670-5ac56\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":371798,"size_decoded":0,"mime_type":"image/gif","magic":"RIFF (little-endian) data, Web/P image","md5":"4885cdd75b29d6e0569c49c7e42dc142","sha1":"3c39e6cf8d65006a5a7dec2fde7617cbafcc9dd1","sha256":"338c979ca9c731b04a889af87e29f5d947016637af73df50b8a453bb10cc97f8","sha512":"32cec4fdaafcd95301b8d464bdf537db43f1fbbabde9007b07269c341289241e83d35be0c747fb95b9a3e28ddcaeb50d5d85b920cbac93b3acd18b87d65e6564","ssdeep":"6144:9BYD6URLj7pre3gVp+9WA0UzdEplfnp7HFO80BFgJ+F6BI4XzabSp9y1H:9B26UR37xmU+9WA/KBHM80DggQBI4XWZ","tlshash":"e48423973efaebe6ce133c5a0c40b5c123504466de7ac09179dd1f9ace9c5627290a8a","first_seen":"2025-12-20T21:05:10.590847Z","last_seen":"2026-01-10T09:28:12.971804Z","times_seen":2,"resource_available":false,"data":null}},"time_used":8533,"timings":{"blocked":1840,"dns":0,"connect":0,"send":0,"wait":501,"receive":6192,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kk9898.com/js/fakeloading.js","fqdn":"kk9898.com","domain":"kk9898.com","tld":"com"},"ip":{"addr":"47.241.97.156","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kk9898.com/","date":"2026-01-10T09:27:42.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kk9898.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:32:00 GMT","end":"Sun, 29 Mar 2026 00:31:59 GMT"},"fingerprint":{"sha1":"A2:13:8E:D5:A0:ED:80:4B:DF:8C:C3:13:34:0A:AB:0F:14:75:4C:2C","sha256":"A9:EE:21:85:A7:B9:65:49:79:CD:BE:30:69:D9:2A:9F:0C:B3:34:EE:8A:EB:12:28:7C:3A:50:95:88:11:74:C3"}}},"request":{"raw":"GET /js/fakeloading.js HTTP/1.1\r\nHost: kk9898.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kk9898.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.1\r\nDate: Sat, 10 Jan 2026 09:27:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 4566\r\nLast-Modified: Mon, 10 Feb 2025 01:56:20 GMT\r\nConnection: keep-alive\r\nETag: \"67a95cc4-11d6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"92b00df82de0a518ae7acdd85bbf65fc","sha1":"dc2013281be06839d1ff3e82598dc39e310aed8f","sha256":"5e817c701ed5be4866967b3561860b1739d60d9bd43e07bbcb5ffab351b7aca3","sha512":"2a8f4663a8fd3d5dbaf11fa4afb3faa21bd0f78be19144cd046118b10707be4ab37d7b2a68d0634fed982494d9e8d55c65fd2ba721ed8f5f2ccd954d4bcd102a","ssdeep":"96:amP1VmMRfaOx7wsXUdJMyaPxQwlMpPmQmaU2zF/Ms7jq5YpH:amTmOfP5jEPfcWoMpPmQDUKwYpH","tlshash":"37910fa4bf1d1590d39781d356bb2380213e44939c668cfffc6e21a84fc186a8287fa5","first_seen":"2025-10-26T12:04:14.081808Z","last_seen":"2026-02-14T23:02:30.918079Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1292,"timings":{"blocked":502,"dns":1,"connect":258,"send":0,"wait":257,"receive":0,"ssl":270},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-10","alert":"Sinkholed","trigger":"kk9898.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}