{"report_id":"e0fede23-1bf0-46c3-9ae2-5cba9bb26e02","version":6,"status":"done","tags":[],"date":"2026-03-04T09:13:02Z","url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"title":"168极速赛车官网开奖记录查询 lab®-极速1分钟\u002675秒赛车历史结果号码预测直播","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T09:13:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.api168168.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"station-lab.com","ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-09-23","domain_rank":0,"first_seen":"2025-11-08T07:22:09.033398Z","last_seen":"2025-11-08T07:22:09.033398Z","alert_count":66,"request_count":22,"received_data":3316520,"sent_data":10142,"comment":"","tags":null,"fingerprints":[{"name":"Site Kit:1.159.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"Elementor:3.26.2","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"All in One SEO:pro 4.3.0","description":"All in One SEO optimizes a WordPress website and its content for search engines.","website":"https://aioseo.com","common_platform_enumeration":"cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*","icon":"AIOSEO.svg","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}]},{"fqdn":"www.cytena.com","ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-21","domain_rank":0,"first_seen":"2015-04-09T16:36:20Z","last_seen":"2025-11-08T07:22:09.553354Z","alert_count":0,"request_count":31,"received_data":2368401,"sent_data":16456,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}]},{"fqdn":"xy678kjw.com","ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-11-29","domain_rank":0,"first_seen":"2025-12-01T12:22:40.644769Z","last_seen":"2026-03-01T04:34:59.507671Z","alert_count":0,"request_count":24,"received_data":765818,"sent_data":11297,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"api.api168168.com","ip":{"addr":"20.48.82.22","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Japan","country_code":"JP"},"domain_registered":"2020-10-09","domain_rank":0,"first_seen":"2020-10-09T11:31:19Z","last_seen":"2026-03-01T09:10:49.587538Z","alert_count":5,"request_count":5,"received_data":197424,"sent_data":2362,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-03-02T03:22:44.787708Z","alert_count":0,"request_count":2,"received_data":725,"sent_data":784,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hm.baidu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-03-02T02:50:27.298567Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":438,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bd51static.com","ip":{"addr":"35.215.189.171","port":80,"asn":15169,"as":"GOOGLE","country":"Hong Kong","country_code":"HK"},"domain_registered":"2021-10-07","domain_rank":2891718,"first_seen":"2021-10-07T04:20:25Z","last_seen":"2026-03-01T09:10:50.003167Z","alert_count":0,"request_count":1,"received_data":1758,"sent_data":327,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce71388c2d441cfb9ef0985bc4e5bb71","sha1":"1e74c490ed76f671eb45ab0b45c9c9f5b9b89f0f","sha256":"efb5a648656ae8f944fbf74e5644126464160ab50197a288c8b587e74edd575a","sha512":"8ccd39ea8643980590cf71014ceee6bb774de11bc87aa162d3b1e48b0f6c392399186fabf147e0cbe9990950cf75e5517d78a357b01e6afbdb00472909db3a1d","ssdeep":"","tlshash":"89f0bef14158513f2ae2190a5412b2a63d7300baf3067080d46d9c605274ba9862afaa","size":476,"data":"","first_seen":"2023-03-07T01:02:50Z","last_seen":"2026-04-04T12:43:00.092079Z","times_seen":33608,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/drawLines.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7db0502baf867aa0663475b899ffb19e","sha1":"a69f4ef6ab52c62d9885dc55b733c8c37687383e","sha256":"8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb","sha512":"68964174935137b93491d1bea5e3fec05f068dabd36cf5670bb03c6c4eb30bdfbc493b8002eb8d1e46d7289f9c8430d25d230e1e6870d89fe53cf0f7be78794b","ssdeep":"768:uVYu93uZgDPN6cypp08tc25yBY/BEMXH7YE7cpv:u19MgDl6NppjtDwBY/BEUH7Yecpv","tlshash":"18b208eaf2863475818b63a9143f6749f13368156e06844cf479d8d26d38f8970bfe78","size":24891,"data":"","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.662456Z","times_seen":1333,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"8467db842d991690c82933efb7b01cdd","sha1":"32a2f004dc8d2456f3ca48d272dd9ca00717ca3e","sha256":"1ffee30f82365c43b74624b6154ddade06f47947f236efaf18fe171ba476cdc3","sha512":"c272cf4f91b1cf7ec0255c063567ebaac6016d42e65de6b701c4278f683581f36df0fc7447141b99c8530c3b49c8dcff663ab92b604e6cbc5f24f139177c1a33","ssdeep":"192:PovBZROyP7zVHHYg/+ecb2SBO9xOI4nnIIzSBmqI/PvI2ILKpjMgmfxYaRAngFuz:P8LlHYIJSBFhnBSBmqYHlyUjukngF2","tlshash":"9a32d8b9373a6ab42af1a2b25229f710f72011a66103405c753ddde2980ce9f3579ff6","size":11282,"data":"","first_seen":"2025-09-30T03:05:00.869078Z","last_seen":"2026-03-04T09:13:08.43306Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"59aa2d2a1f07d4611d2a397cedd06b1b","sha1":"c9e591651d9f53e9839a56b73007c5bd895b7507","sha256":"6149508e065c74ce1055e3059e76a8240f4b66f108376f54bb566a41a454c072","sha512":"211676802236515681a81e1183fa0f3c3a993a1781015030cc778f3146bf4acbe1b2432f723d5be89d563de4d89c909c620af477611be330a82c42a0d42a75e7","ssdeep":"","tlshash":"950197bee891a1585bc335b89bbbda48d0ae0429d01ed803a8d6c4cd2e3cfc8143234c","size":847,"data":"","first_seen":"2026-03-04T09:13:08.434922Z","last_seen":"2026-03-04T09:13:08.434922Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"827cb85e1f61bb0bb957b5d968027e73","sha1":"ea9ae5d3d14e119965e3466db37693789726cacb","sha256":"ea7c9d9dab03280c583e1ee68646102de5dca756091b45eb7b221c89bd704714","sha512":"d93087b1f91add14ad16dd613355f08af14db08ae5506693f856a27bad70f8fcc2e98d0cc2ba303e61e3bd599040a2d16614ef061b99fd673190e70e4163fa90","ssdeep":"","tlshash":"a0c08c2eb06f8e8e22f193eb039183c29269400884ad1b08ce989c1906cb20a1682521","size":163,"data":"","first_seen":"2023-07-10T11:33:07Z","last_seen":"2026-03-26T22:51:01.973947Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a1d35929c8a5d41fd1bdcc11af6ebbb","sha1":"94ffaa2d45a277ffe1ad8c38e3f89a7757e2b18d","sha256":"c48211233ed95a160aaa2fc2b6e00cd4c2f64374e123d4169142a6467293ba1f","sha512":"e9c5ecda6d74f95ab77a2117d88a6b92cf41f749175b93b046c725e866c81f1eb6156c7342a0be23cbc9f823b5e9b60cd5497cd561abf96e97321b7646807c13","ssdeep":"","tlshash":"c3d05b4b4ddfca9319d518ca9811357f32a42253a69449095285bc740252d41da91c2b","size":268,"data":"","first_seen":"2025-11-08T07:22:22.857146Z","last_seen":"2026-03-04T09:13:08.437436Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"27ef204849923e64f66614c3ac203ed0","sha1":"0d972617f89693fb098593dc166bf97faebd9b41","sha256":"1d6cefa536b6fd86109b75f2bb05d89b655166afbdd966a2b4706e4a3040c6b3","sha512":"d470e8ae588e883f0b9027445cb6a47a6ae3929d402e987b6d32d16c6135d1f7cea83f396b9226549c31832d94797c7092478c36e3cc7b38b06f983c68265912","ssdeep":"","tlshash":"a0d0a76c124add5362976ec8551930e2f0f11503e6dd9899a6c8fc580710d80ce0945f","size":231,"data":"","first_seen":"2025-11-08T07:22:22.858831Z","last_seen":"2026-03-04T09:13:08.439481Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/js/lazyload.min.js","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb15a10a641a318f91e7e912e4f9c184","sha1":"bd41f67233facb96976ed7b8e7207d52c03d340e","sha256":"f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a","sha512":"49570d36e5b1ae3c3a4965f7d054258ff676326bee0d9399aa990926e9a762f699de1d09078debadc43b363ae51d740ba33f2e8c64bb223a73d3c62872ebb3d2","ssdeep":"192:pDvu5/2Pbq1Ztbat1oeeC9X8UnZ/HuuwJgbClRL/YeFG/uW1evaO3Ve:pTw/4QOx+R8puVY","tlshash":"b60233487946746b3973f0f6218f02ca353a24426ced6854a6e1f8e82d7858d1463f7d","size":8892,"data":"","first_seen":"2023-03-07T01:19:39Z","last_seen":"2026-04-04T12:38:43.861282Z","times_seen":50730,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/date.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9256f059d597b6c3fa046e00d457fcd","sha1":"a5d5298fd6737d99e4dd71f9b1f686849f5f87da","sha256":"5de11f7b517d7f89c70ea78a8fe23a2f86bd848c8eb098003623b9faaff42d2e","sha512":"0757aeb4cea229877f10c0bd5b411cc9836fb66242fe99c5e96d4a13737835b180533e1c4693eec7d3718f8dd6a474b023788c38272a4b38a8b17f24a0a81951","ssdeep":"96:JUAuXHhJ376UYX6sfWdJVeAflACAEYB+zq0LfUvsHFH6+PpDQAyiDJpeC78Kf0rq:CAuzYXtANACAEXlc0DQIsKfPcmF","tlshash":"fef10e4274303008237a91fc75ce928a25f06dffe61a415ea451fe8927deb7e1b7b219","size":7901,"data":"","first_seen":"2023-03-07T12:24:05Z","last_seen":"2026-04-04T12:32:58.678965Z","times_seen":1335,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/html/jisusaiche/index.html","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"68a98d9e00c5b2e9c5ef03b2f70ffd7e","sha1":"17842dc377d9e77096ab9de1ecc71e4fffaf2200","sha256":"c129618552deadc90624ba69dac929378504f8f5d6a79f900671568ab79d3b07","sha512":"53679db19bc6ff0c688ede02f1c272232629990d93832da5c32bd8ea05750829d284be32b968ba2fa04a0bd5fa83ac75a7fb7b6f6fce62a448c7a63b3b0adfca","ssdeep":"","tlshash":"e5016d19f7dc5b5760bb3250556b86c9142e0c69e504ac40b59f4bd52b9f3bc610fa08","size":753,"data":"","first_seen":"2025-03-06T05:20:52.188346Z","last_seen":"2026-04-04T12:25:08.375462Z","times_seen":1079,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-04T12:50:08.942387Z","times_seen":81371,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"c3041f910d72f3447c03a53d6b8df977","sha1":"d2959e0ca4bfa2ec8613d1fba8ae2399aebdd123","sha256":"9b5e9931c5ad5f273f4c6eb5988506ef60471957923124b28aab2f8563e8b7fd","sha512":"1aaa643d8fd3c1255ae3de97f9e4b1853ecf010a5e7c64d1104c26a74dea762e0346670a77b0a81179a1768203c7a267013c3489844ff9e89dfdfe6242c1b9fc","ssdeep":"","tlshash":"8eb09219454a8e9363dc7dc8a514395331e02216ba614c423b89fc681129d82cd0825b","size":109,"data":"","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-04-04T11:28:49.064116Z","times_seen":14110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"d78e1c662edc2fe4fe63cf1f9fee639f","sha1":"41b42ca1cbde8717e61ca0d7c55e86c079a219d9","sha256":"c5ffe32ada6bf3f9709e5c36b1cbd5cbf8484211605220bc52e59905928f7ef1","sha512":"ac64132f2bf413008150d7da385ffd9a2647dcd31860c6d4723f2e88c6cd0c256226e3fa0a5a1792bb3cc21cece3dc0a3e9d12643ee7ff0dbe71c4f6ccffe581","ssdeep":"","tlshash":"9fe06df7b5d674a0c52e0041c5527bfcbd7dc01597515e7299263f3913469eb0424e5c","size":425,"data":"","first_seen":"2025-12-02T13:06:24.213395Z","last_seen":"2026-03-21T19:15:38.746454Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-04T12:50:08.942387Z","times_seen":81371,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/html/jisusaiche/index.html","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b5ba1987c326caff723c9d97e8861c53","sha1":"b0ccc756cd1f246775e92164d1aaa7466a9c9888","sha256":"2c20d2ab9ec4c841d3d2a542a69bce267860b93d1af033153f02d66b13c75208","sha512":"1bd74ce1c237317cd33ab4d1cb342f238f9f27a3d2ead7b1d58c7fbc87065b432c402e747f0a9b2e7a35b8e177391e0ad82ab8c40e02c9b553940ec0fb12947d","ssdeep":"","tlshash":"61b092c3b9c50a53a0323108b8aae8c2c01731287699a916c46443bc56dd3a09f42241","size":125,"data":"","first_seen":"2023-03-07T14:01:44Z","last_seen":"2026-04-04T12:32:58.689522Z","times_seen":407,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/js/email-decode.min.js","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-04T12:47:48.237389Z","times_seen":292120,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"8f47c7b263d6bd83f7bb5228b19362f2","sha1":"180dc58469080922534cf2e84f9efb5473a061ce","sha256":"445290408c271df6c42141f6e48782e8ecd5d0348a0d6aed9b1ea9503712f015","sha512":"2deeb42277ab5bd567b5a65fd5f124b45cf5559431fb74f868b60dfb938877f95d9597070c48c65e854eef7f0ff57ca2300d0bb51d5d0e3d1e1a7d433798b892","ssdeep":"","tlshash":"e6c08c1000822d0167df5c23a0218e54b0fe8091d1d8f4eda87c4e14b3c7b2f1b6d208","size":161,"data":"","first_seen":"2024-07-02T12:48:24Z","last_seen":"2026-04-01T05:14:26.178623Z","times_seen":1308,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/jquery.async.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e3cd10cd7579756c32b479d018996ce","sha1":"f802c0231c81b061352b3c7bb4c64c143ce353f2","sha256":"9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f","sha512":"f268b0dfed8599261280098146616a56bf347d56edaae23924373d6f09c09df07eae57e89cd05fc86175aaa6e3c6d1e12a987a5ee5bb5d678a8e65db3a04c421","ssdeep":"","tlshash":"4a119cd87791a6050752b46c077f211cd23638141c1f9558b6bef4e25c1931eb12e9b0","size":902,"data":"","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.591031Z","times_seen":1333,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/local/pk10/head_jisusaiche.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d17eeb07e12644cc27e6d8f63353d70","sha1":"1074682081821f439af386aa7fba49778623e7fb","sha256":"9fa1916fb1f0ec143e93280bf4daea5e31aeaab49714b4a973b70c6e9edc50fc","sha512":"1beaa7a19ad419b36b051737ff13d9c31c2ec7d39fd4281e12fad2856e61b8c3b2cb82539a56c42ea9f959d4236fe68c5cef6a6658b8f1d0c8c0bf21187872f0","ssdeep":"","tlshash":"19e0c20a58373416a496b328591ec447b4967e89a083acac5e83e58124288cd681df2a","size":303,"data":"","first_seen":"2023-03-10T09:25:11Z","last_seen":"2026-04-04T04:03:46.048747Z","times_seen":398,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/config.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3dd88f111bcd4deb3c3a72e4a896e37e","sha1":"9cacd59cb319758376cbf978b5b8e7664fb5718e","sha256":"d8180dd3eae247c7d0754e200aa925af90d9145f0546966dd3c66383417caf21","sha512":"a9b03b5a708734bd18ad1128dd2906f1c44e3e7f5e4be716ad1052d3132cd5032db835ed984228cbddaa52c7799ac81c2e79b23bc433dc2c2e3685a6eba87492","ssdeep":"192:qSa/WVpaV8Sx4AKtPxlmrwGGfdc8tlCxohT:qd6I+o4tPxESc8tV5","tlshash":"1532201b844053a66173d779247a2e48e93a135b80059c5b3fbd4ac48f3be3a9059ffa","size":10952,"data":"","first_seen":"2026-02-02T17:19:00.443392Z","last_seen":"2026-04-04T06:00:05.14112Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/main.js","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"70102457292100acb4885927b5f3a93d","sha1":"8b6f76aa25b28c140146c1df2074b66434f62397","sha256":"e702d7bf54ac1a6ec86a4b433bc3cb64924e23b9496099964a9474e59ca56471","sha512":"cc9c1ea4f3aa276f20fa096a0b80cf2a6b8461bcf2b548e3bbeb05853285ada52fae2ff6611a246f61b21cfa17e7225d3d516193c4ad7d5ddadafce34269ce7e","ssdeep":"","tlshash":"192189af598531a0d57b2391caa697bcfe7a8017471218b07c1c7b224b79c930426eec","size":1232,"data":"","first_seen":"2025-12-02T13:06:24.205401Z","last_seen":"2026-03-21T19:15:38.534998Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"afe97b01fc8cf0ebee938c6ae9e51d9c","sha1":"43c452b7f5f24d992024f12570ea5f6522a1249b","sha256":"5f2d0f72e717e02ae80ec4d2a843df1432758cae3ddddc535236acd32119f886","sha512":"0f71124d166c0ac918ce077b933193bdcb27177a1bfd087c758268b31860e78770dc160b65b83e546a2cab0f2cdd2754601882bd4fdbc42e87c27e4268935d66","ssdeep":"","tlshash":"8cc02b1c9a142e0340474bc509fc6af3c270163118f4d81e23c1c64c41339404f4f411","size":139,"data":"","first_seen":"2025-11-08T07:22:22.862797Z","last_seen":"2026-03-04T09:13:08.44819Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9d769846c50d3a42f7ca7834626b4fa2","sha1":"7e200410f4ce5ddcd098bb46abf836052492016c","sha256":"b928ef9b53e385882a2e57e70479ca929a6bbb2b8a4e30799925c7adcf818d27","sha512":"b0091ab81650a02167e11844a2b7d298e15d4e0ed6b3ded040fa98865db72f327e9c306c6a7d9bb1440c91f882b7d4ad6e7e17a800c50db7cb334d6f7e4d50d1","ssdeep":"","tlshash":"e5b0121761710c285118036011880f087475711340ddd40c243bac50f348d605204330","size":97,"data":"","first_seen":"2025-03-07T21:39:32.334821Z","last_seen":"2026-03-04T09:13:08.449562Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/zepto.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6bea8158383f3034319b45571f5ca7e8","sha1":"c546d9454a2e62ed987b0ff459a13bc41a51b250","sha256":"bdcd35a7fc89302612325490543bab6f0f74e46830e1a646c0d434c22bd6d476","sha512":"191e508e15bc12a02773dd14bb4767d59e953360c581532d5a330910b9bc089cbed1225c4e941a28aa2a153e9e871e2a85d38fc69fa76a18faa1012899d0e455","ssdeep":"384:/qbM6OHYNwcyn24wmZucAQfSHRZpB3sEfH/CMtYPM:6YYNwLgvbpB3HfaMz","tlshash":"2fc261ccb2c6b46247a771b8506f610bf23b6889380e4454f169e8d5bc7890e957bf7c","size":26273,"data":"","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.598519Z","times_seen":1086,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/jquery-1.9.1.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ced1955d04ad67f93c642501960172d","sha1":"e346705c96ed71fef43144a893dc26f0d1ff2a81","sha256":"7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90","sha512":"c5fdcd09f23cbc4adcdc9ae38e7535eab9d10026b2607c21414cbb02258f0eb99bea0c8b53ee69129c62cf086898f4fec46d1a52f1170955b2b4d6ab0c636a47","ssdeep":"1536:g9sFlxCuYQ8kdpjEhDH19D7jXHi7mdG5bakVV6qN6MQDKwTYHUfn06dPGMIcXQWy:JXdURN6G7h8aGtvnx","tlshash":"b69319dd76c5b12247ab307d106f540af236599a280c8450f135e8fafc7898aa177f7e","size":93015,"data":"","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:25:08.251496Z","times_seen":1198,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"d0bd9844cce88ca97106742173d3e9fa","sha1":"84e99e47c8c75eb82156c3dce8bf8951e2292234","sha256":"e5b29fafac2a1e907be2858f5d810336656e004ca6d38b169745417a32b9280b","sha512":"74523a12c776bcfdbc511433da0751a96a3665101975bb408588b102af730bb1c0adbaf0df1a3d91362fe9e8de84a79326f1135ff7014d39368e771c8689b140","ssdeep":"","tlshash":"9cf0c9e236490c51400592e6af20eb3bffde6c055016ca49a189d2dda10ce60a08f436","size":518,"data":"","first_seen":"2025-11-08T07:22:22.884736Z","last_seen":"2026-03-04T09:13:08.451017Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"682516b6f8149277396b398899d33a3c","sha1":"1217347cc125b29e7dcf07da1ecc2fc555046027","sha256":"39277b37e0411be4ec1a3dd5831370adcb33eb6c205b847d84c15699da589b41","sha512":"50b344e674acaa7fb3ef0fc6f907a3b9910cd249f0b298ea88c15f854b8cf9e60caad6ac01137803638fd62f4d9c03c571674a56488471c0bab38be7946ed705","ssdeep":"","tlshash":"111168641c143d1707bfd599a49837e299f00148eb19ad5d16ed8a4c034cf8dbe57c35","size":1029,"data":"","first_seen":"2025-11-08T07:22:22.89767Z","last_seen":"2026-03-04T09:13:08.452396Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"44c3493caf3f86c5a8990f246189acd9","sha1":"5c5c9f8c843ca3f5c9de21ed337c225d3d12b457","sha256":"970e32d54282c2f67b43368332faa96d28f39eb225719ed6f65c39878cae8f1e","sha512":"a534800bd8c33da34032ea920ad1e1be11ca7bd243b8c6fef4a17c01e3e765d3efecd55cdfa19df49d8dc77050a8ad6b4b32fa1e5c1d1e121246c3525040b6c4","ssdeep":"","tlshash":"f70197aedc41a1585ac635b8abafe648e1ae0024e40ec843b8d6c4cd2c38fd9082534c","size":847,"data":"","first_seen":"2026-03-04T09:13:08.453659Z","last_seen":"2026-03-04T09:13:08.453659Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/pk10BaseTrend.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f6fadebe51378762442a2211edfef60","sha1":"abb6dd63e315112728f3540ef124480e4b1e9048","sha256":"441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e","sha512":"07072b7f0de691c11760da89619c378b0dbae068b540676c6bed50e9c1eb089716a1b235f10fb35730c3afe2ac42dc02ea67fbcc80e3551afc7d5507feb0d71d","ssdeep":"96:bWkh9UBeGm8ViMUrjjEgYQEHqSKFM4AJjCk:N0iMUrHEe0qSKFM48","tlshash":"43d1a919e1822126b25f3efcc63fd15880610fb0e598ee4c76fd9ab16d34ac65073d6a","size":6701,"data":"","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.663196Z","times_seen":1333,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bd51static.com/7ry.js","fqdn":"bd51static.com","domain":"bd51static.com","tld":"com"},"ip":{"addr":"35.215.189.171","port":80,"asn":15169,"as":"GOOGLE","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"b49cd1dc0129f18f8ab76d9249e0f1d4","sha1":"83de531cb19e73636a45aef6c47de3317a61fdd3","sha256":"96cd0cf7391454455addfd9b6a7c18139072db87453b022adf2cabbf4beb119d","sha512":"c32d63254c6e11fa48d1f036e87c4494657bffdafd31c76c5d43fcfe885184e50e33b486a652b9d527cc59a6e9e8e29f6787d24c90b6956c26901090812f1094","ssdeep":"","tlshash":"6921f05f7c05e1246796383a33bfde9ce9ae0025241dd802a4eec4ac6d28ff90527b4c","size":1365,"data":"","first_seen":"2025-05-25T12:44:27.079127Z","last_seen":"2026-04-04T06:00:05.18873Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"213c3dfaaf989d9e2508fc9584a86c20","sha1":"c575f6642df9c3b805f606b83956464cdc9c8acf","sha256":"392dfc796a00d5bfcfaa832cc5f8dc2c1dd30539d4f0862902e2f337bae661ea","sha512":"38e71bad697c2dde523a011124b2a87200d5384d22d0832d9d3a804a8681a6d4ed526730e2123b56f7a53a2cca4e221a43d5fa6048a3fc0cc759c33124928986","ssdeep":"","tlshash":"a60178016e00a835e7d2801551ac5bfd36b30376b4d0411ed3ed8b6cc32db81d4c2a0e","size":693,"data":"","first_seen":"2025-11-08T07:22:22.907353Z","last_seen":"2026-03-04T09:13:08.454826Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9dda62ac8a7ee9fb2527f87314017e8a","sha1":"74f21a05c378fffa77840dad0f3de946859aa840","sha256":"39e2779588ad3cd426438290b5d192e65ca5e9ac9608ac9a0bf4cb54b797a2bf","sha512":"9865cae2a1d7617a85522d98df194872ee4fb645a6f9c6f8e7b1035131afe698334c107be68aec5fea3720f78ac5af22fcacada34a867c42e1c1fb3593c03e01","ssdeep":"","tlshash":"92b012742d281f0f41615fd04e78ab73cdb42a6a56f5ec86279af4c00294d828c5d033","size":106,"data":"","first_seen":"2025-11-08T07:22:22.910638Z","last_seen":"2026-03-04T09:13:08.456159Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/iscroll.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3249e269b6bf59a9596ff4dd4908bd74","sha1":"16f804a74f66585bf01bb2217997a2a4ff0c4a23","sha256":"3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c","sha512":"f8fff231edd431cdad0e9426353abceb12ad72e1decfb110aa48f6b81fd061f9b2171bacba515069c1360df4a7cc451c1b0cdce380c4ecdd3849231bb4f07bc1","ssdeep":"384:KgC+EUMfCHqTj54QUX5WSMFqa7BU5TJe3c6OJsBeCWvtk7mSjjxaF:Kl+EUnqTDUX5UFO5TQc6OJsBetO7BlaF","tlshash":"2792a4889112338245ffb399dacb860d607a9339671750cc3929bffa6a447b843d367c","size":19891,"data":"","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.587289Z","times_seen":1334,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/local/tools/tools.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8013dd6bd01a41c8ba3ab87b75e00384","sha1":"7c7ac71f61dbade812e8553ef798ab95b1292ff0","sha256":"e00d209a165a446a1882f368f65c9b87df4599bc70edf7fd176ee85113b33bf4","sha512":"ef9250434b83beb1acb886c6a7f48ca078611c452712459b789cde59a389f1f009cf6652f73a1e1c060000d5a8b6a1d06209e706729763456b74fa425211aace","ssdeep":"768:YhY+GyBfYY65VS27+8cVI+4T1NNa+Na0NaOqBaA32imH52FpJ8M/Q5tQ5+eNj2NV:KtGWfYBVS27+8cVI+Yjvzqsni08o0K9","tlshash":"b6a3a61a99702a5a417373b5593fe500f4214f3b01078846bc7ed6f85fb9a62a378fe8","size":103478,"data":"","first_seen":"2025-07-13T11:51:38.295866Z","last_seen":"2026-04-04T06:00:05.223033Z","times_seen":273,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/local/pk10/index.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"15a3b151854fecbdec6d06a2a8cbf615","sha1":"90c01185ec0dafa6225fed673abffd2476a10a33","sha256":"0acb184791a34dac8ffd8d7c592d8797b10eba55d64e8501ddf932601ac7da59","sha512":"41659d3b0aa2b498c427b414c58f0f6eeac650fe81ac411a0e5075478addbaacc4512fcec65110db3035ef03cdbd4430f6adbad1e63b1842bec5b91cc1c81e71","ssdeep":"1536:YB3AYNIrixgC2UJga/6wEwwnwORfSBayIIuxwEI3C20:lr+Z/6wENwthhuxwEI3y","tlshash":"8993851976a4262660b773f2282f9504f5718a3792258c047cbda9d40fbec64b0b7fbd","size":88963,"data":"","first_seen":"2023-03-07T14:41:02Z","last_seen":"2026-04-04T12:32:58.570717Z","times_seen":541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"953a252bf9a7b7a663200b012155e663","sha1":"cb56157cf729108f171cda4e4ebd706845ed9789","sha256":"bb320727416f5544294ace35fdfd4d6d153584e6732622820639607a10fd2a17","sha512":"b829f449304c305ad7ea60d78d40d30d1b2e1898120d3849418666cb5115bc546554a6f635bc1262cd45f7756e9d51f54d3de378938d11fb90ab721022c3812f","ssdeep":"","tlshash":"91f052ae6c91e5585ad335a89bbbd64cc06e0429101ed803a8d6c4cd2e2cfd8183624c","size":508,"data":"","first_seen":"2024-10-28T10:46:02.890122Z","last_seen":"2026-04-04T12:32:58.706894Z","times_seen":1221,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"11c409983e707cb4849da9631efa1651","sha1":"f6e93e062257442ff49d9959fbce1104f4b7ea27","sha256":"28209fe740ccd3e70b978b42b3be1d6c30f8d6ecfd1f375440431d32a679cf76","sha512":"cb9758c1ae1ad08269bdb2aaa198e055257e4e710ab4cab71f1fc3d2e7b9489b2caf89c95c211e07064d562393ecb0ce907185870c32c91707b6267538c2820a","ssdeep":"","tlshash":"dbf097ae5c81e5585ad635a8abafe24cd56e0024240ec843b8d6c4cd3c38fe9082534c","size":508,"data":"","first_seen":"2024-12-02T17:13:45.829962Z","last_seen":"2026-04-04T05:48:15.703347Z","times_seen":308,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0a6c57db4682168d8a53542656b9fc82","sha1":"399b42eef68fbc2af8240bd6421e3554e04c3e3c","sha256":"aa97dc1a108ecd1af5f5b0445451f7bec50e259a1dfc6a68c4b264c981dc9a99","sha512":"2ed6e994defc93649e1c8d8510b2b14b6db49255b2c762eee0357cc364c8be42c12a209ea147644f478b737e04c57bef9bbfa04772dfda2d88038a29915a6cd2","ssdeep":"","tlshash":"49e065f7b5d674a0c42a0041c9923bfcba7dc00997614d729a253f3a13469eb0024a5c","size":406,"data":"","first_seen":"2025-12-02T13:06:24.231788Z","last_seen":"2026-03-21T19:15:38.774004Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T09:12:38.410Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:38 GMT\r\nContent-Type: text/html\r\nLast-Modified: Sat, 29 Nov 2025 04:44:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692a7a36-1c3829\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Site Kit:1.159.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"Elementor:3.26.2","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"All in One SEO:pro 4.3.0","description":"All in One SEO optimizes a WordPress website and its content for search engines.","website":"https://aioseo.com","common_platform_enumeration":"cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*","icon":"AIOSEO.svg","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":1849385,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (51229)","md5":"ec46f61ae9a2391efe18421d3e09ec69","sha1":"c2ebc9e1d3d9e8d420e33dea2a562d4732581963","sha256":"66b794e5d56d24c79613895be09051db0abbc8c862759717d6f5e37c7a47aa63","sha512":"c14180969cb9f6ed53c99dc5f234106ae362fd15340021cd9a7528c403c74001b4675533dfd99996f465184ad4dca206f8e71fcd45434e5d37a506fd5c683b46","ssdeep":"6144:tdCmVpWbEZHe1HOQTNUa5kemv5beAbyiDyMynJncMb+dwppCl28FFldPysyh0+Qo:t0Kdhl2U5WB/","tlshash":"902574923e536039712f111f9043b68c70348dcae17a76d6f9a6a123e2fac9137f1e59","first_seen":"2026-03-04T09:13:08.344777Z","last_seen":"2026-03-04T09:13:08.344777Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1492,"timings":{"blocked":212,"dns":0,"connect":211,"send":0,"wait":214,"receive":854,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/js/email-decode.min.js","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.712Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/email-decode.min.js HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 22 Sep 2025 10:13:36 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68d12150-4d7\"\r\nExpires: Wed, 04 Mar 2026 21:12:39 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-04T12:47:48.237389Z","times_seen":292120,"resource_available":true,"data":null}},"time_used":414,"timings":{"blocked":157,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2024/01/single-cell_menu.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2024/01/single-cell_menu.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9d6fc2b3adf44b93-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/white-arrow-btn.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/white-arrow-btn.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9d6fc2b3be054b93-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/FFMarkWebProRegular.woff","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/FFMarkWebProRegular.woff HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff\r\ncontent-length: 64951\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:34 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b59e9b4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":64951,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 64951, version 0.0","md5":"3f92428d015f2a85c9d60852b48f63ce","sha1":"71512f2a5d56a68a93d84fa17069e4f0bcf54152","sha256":"bce6acfa1c7836bfc54ae0969cd71615ca66df8ac3acf29bbc56acdfbf33b9eb","sha512":"101f5728dc25f449de9204e92a0378e567a9eb46af898c54c58f65a7ba2a333eefab8ed5c553b14e40828362529d2e4b03ba64f8facc58e0df29849a5e0263d1","ssdeep":"768:s9kLxdD5pEBppBGiJQ9SYi65u8u39ipKPIDXQAochb8pwM/TyfYibNFY4Nw87tIY:s9OySA39fI7z7dgwMoYMMzGBHt","tlshash":"ad5302e2eaff4456c463a37b17ab04860c73dd68e282422474cbf2a4313277f5b92553","first_seen":"2026-03-04T09:13:08.350464Z","last_seen":"2026-03-04T09:13:08.350464Z","times_seen":1,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/zepto.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/zepto.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db96-66a1\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26273,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (26273), with no line terminators","md5":"6bea8158383f3034319b45571f5ca7e8","sha1":"c546d9454a2e62ed987b0ff459a13bc41a51b250","sha256":"bdcd35a7fc89302612325490543bab6f0f74e46830e1a646c0d434c22bd6d476","sha512":"191e508e15bc12a02773dd14bb4767d59e953360c581532d5a330910b9bc089cbed1225c4e941a28aa2a153e9e871e2a85d38fc69fa76a18faa1012899d0e455","ssdeep":"384:/qbM6OHYNwcyn24wmZucAQfSHRZpB3sEfH/CMtYPM:6YYNwLgvbpB3HfaMz","tlshash":"2fc261ccb2c6b46247a771b8506f610bf23b6889380e4454f169e8d5bc7890e957bf7c","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.598519Z","times_seen":1086,"resource_available":true,"data":null}},"time_used":423,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/img/cltj_img/px10obj.png","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/img/cltj_img/px10obj.png HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/css/pk10.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Feb 2025 15:37:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4d2-b3a\"\r\nexpires: Fri, 03 Apr 2026 09:12:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2874,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 111 x 101, 8-bit/color RGBA, non-interlaced","md5":"5025c85c1772aadbb3e53f953913d3bc","sha1":"fb7fb9939693929455b21cabd3f99b7b4761d39a","sha256":"124aeafaabb57da5126971cd6c763b317cde9003ff1690e447a494952f156139","sha512":"4e22762c206947be1e8757db4c14cfd0cf6fd70f6edbc40bd2a4e6fa9b1a7ee151e17135b39e6bb4df9161e173ed7207e463072d9ffff0fa415005bef0e77334","ssdeep":"","tlshash":"67511b9de451bda064c9ebe428fa8593c9238dc01beaf55ce98c59539c712f0604b6d3","first_seen":"2023-05-02T12:59:34Z","last_seen":"2026-04-04T12:32:58.591518Z","times_seen":1318,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":422,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/png/cropped-cytena-favicon-icon-192x192.png","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.734Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /png/cropped-cytena-favicon-icon-192x192.png HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nCookie: __vtins__Kbu0ae6HwHakHTZk=%7B%22sid%22%3A%20%22f736e576-1494-59b5-b2e0-ae9f2e0f6ccd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772617360615%2C%20%22ct%22%3A%201772615560615%7D; __51uvsct__Kbu0ae6HwHakHTZk=1; __51vcke__Kbu0ae6HwHakHTZk=4165bf8f-1c32-59ff-89da-bd5f095d227f; __51vuft__Kbu0ae6HwHakHTZk=1772615560621; __vtins__Kbu1wnvNuIEPKNgT=%7B%22sid%22%3A%20%22cf12faa2-ed8b-5518-ae3b-f1a7f180ee1d%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772617360634%2C%20%22ct%22%3A%201772615560634%7D; __51uvsct__Kbu1wnvNuIEPKNgT=1; __51vcke__Kbu1wnvNuIEPKNgT=09a9afdf-b399-5984-9da1-5ddd42b8280b; __51vuft__Kbu1wnvNuIEPKNgT=1772615560637\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Fri, 29 Aug 2025 01:31:35 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68b102f7-14a2\"\r\nExpires: Fri, 03 Apr 2026 09:12:41 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5282,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"78384d19f334c60f8c1b22a042fd7b6d","sha1":"9582fc5c5c153e919d6d1d87496e4c3e4f306b72","sha256":"416e677a73b07ea5ecd1a9156f20581100e60cf502cb985db2f5af80ef234eda","sha512":"81e2124a56a72fe81e7575817091ef8c2b8b7682b7a2b217a5643bc7c3c403a7b445e88c14c0ab592db439d700d79189a0768301c3059a9c02e361014c3fa0f2","ssdeep":"96:Dmj2aHNYbpHousFCr7QNrr5sehYHM8+x+ZmH/93j8po5qZO6uG:in6Housw7KXOBHM8DmVqZZZ","tlshash":"2eb17e55302f2f7374223062d216591d1acb52be001598ad75e6ebba3e3ace53a91351","first_seen":"2025-11-08T07:22:22.844298Z","last_seen":"2026-03-04T09:13:08.355353Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":230,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/png/logo-ray6793gguj98zakxbniox9e1xpu6eou7pb9k6d1ag.png","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.496Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /png/logo-ray6793gguj98zakxbniox9e1xpu6eou7pb9k6d1ag.png HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Fri, 29 Aug 2025 01:41:37 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68b10551-476\"\r\nExpires: Fri, 03 Apr 2026 09:12:40 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"4624e835cecae3de70765d2d1cd63b36","sha1":"677d9a02a4ec3be06f5535dbd6530543eee7af8b","sha256":"707942288410458232a0b8dcd18ea418f83bdee1d0ef20239dd02788f864c08b","sha512":"23d3b3e85708ae82bc2d4e9154e4bcac7e26750c2157031602f2c2e5690b85d8f1f30bf7a4194ed040801e212d4eadca5c0ba295586375e15f9810620a45d705","ssdeep":"","tlshash":"a421c6e40e3c33a2c55bfa76d7c706965b1d343029495d4b80817b7c798e34441b26a6","first_seen":"2025-11-08T07:22:22.79578Z","last_seen":"2026-03-04T09:13:08.357762Z","times_seen":2,"resource_available":false,"data":null}},"time_used":875,"timings":{"blocked":630,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff2\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6907\r\ncontent-length: 81612\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b55e7f4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":81612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 81612, version 1.0","md5":"b4d6b90f14c0441aac364e194978408e","sha1":"142696d43851c8eba0f54c7b94c5f6ebd09703e6","sha256":"6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8","sha512":"feab357b65d7302cc6ca2afc86b84851c9b307ba68659fe9e6f7191ff38bdd1d38658e503124b6940f77f5c216b4400c23b8babcd6c13fac2313fa91e5269f09","ssdeep":"1536:mU9FSafiVK4eoDE9kuqu3GbcJuGiZmvfgFrsrr4l1ESfkmS3a+:mYFURoZCMLngsEl1DYK+","tlshash":"678312531fb0ab4ed86e9b3a171d7c3ba4cb2e224b4a704c1d5504068b7ba6d35f45c7","first_seen":"2024-03-11T23:30:43Z","last_seen":"2026-04-04T12:45:57.141565Z","times_seen":58739,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":205,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/png/cropped-cytena-favicon-icon-32x32.png","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.735Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /png/cropped-cytena-favicon-icon-32x32.png HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nCookie: __vtins__Kbu0ae6HwHakHTZk=%7B%22sid%22%3A%20%22f736e576-1494-59b5-b2e0-ae9f2e0f6ccd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772617360615%2C%20%22ct%22%3A%201772615560615%7D; __51uvsct__Kbu0ae6HwHakHTZk=1; __51vcke__Kbu0ae6HwHakHTZk=4165bf8f-1c32-59ff-89da-bd5f095d227f; __51vuft__Kbu0ae6HwHakHTZk=1772615560621; __vtins__Kbu1wnvNuIEPKNgT=%7B%22sid%22%3A%20%22cf12faa2-ed8b-5518-ae3b-f1a7f180ee1d%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201772617360634%2C%20%22ct%22%3A%201772615560634%7D; __51uvsct__Kbu1wnvNuIEPKNgT=1; __51vcke__Kbu1wnvNuIEPKNgT=09a9afdf-b399-5984-9da1-5ddd42b8280b; __51vuft__Kbu1wnvNuIEPKNgT=1772615560637\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:41 GMT\r\nContent-Type: image/png\r\nContent-Length: 1023\r\nLast-Modified: Fri, 29 Aug 2025 01:31:35 GMT\r\nConnection: keep-alive\r\nETag: \"68b102f7-3ff\"\r\nExpires: Fri, 03 Apr 2026 09:12:41 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1023,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"4e4df3d7e0a47caf7784c841806c6e62","sha1":"c808b208334914e3c9c3401e8452ae7881abc497","sha256":"bd64c23a5e7aea5d28e25f01a946b0295716ff15df4f86af7bf1f0b01e5c93b4","sha512":"bcf4ece469ceb375269e04d5e7da12a348e50f9d1ccc6160e3662a8ff298c5344b02db5833bfbbc7556746c1b3f4f6b6079707be794d96d2cb3a6c012b12a52b","ssdeep":"","tlshash":"1011a8f6914948c7f75e526fa73b48c4d8277106ba3651884a916f100bca161425df60","first_seen":"2025-11-08T07:22:22.776182Z","last_seen":"2026-03-04T09:13:08.361266Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/woff/woocommerce.woff","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.978Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /woff/woocommerce.woff HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: font/woff\r\nContent-Length: 8084\r\nLast-Modified: Fri, 29 Aug 2025 01:32:27 GMT\r\nConnection: keep-alive\r\nETag: \"68b1032b-1f94\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8084,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 8084, version 1.0","md5":"dc54d4f864988c37c703a607320e805a","sha1":"5f32d2683d302b91c1680823b18048727399f0d5","sha256":"ce3e2202d511bf6c7183e5870916f6cfb064da615d696d82cab65c653e5a2515","sha512":"dafbc58d748305cf8a057eced2ffe2b3b1edfbabd63cab11a735403a64b73e2dc87bdd6b7dfb3e8914d5e78e969471ade37e1cd9705c1aebf2e4924d2c81c3f5","ssdeep":"192:kiarZdQfB17i0bsGcFcmj9JxTHYy6CY789A4qiwErg4C:kiaFdQfB17iusGcF7jLxjYy889rqi4","tlshash":"bef1adff652dd630c12180b6fa4922d8a6e306dc06c14b63d60dd8fd26ae37c8f92995","first_seen":"2024-04-23T17:31:47Z","last_seen":"2026-04-04T05:06:04.948668Z","times_seen":509,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":171,"dns":1,"connect":210,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/woff2/01d273202731e44f0f1187f3afcaf156.woff2","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.984Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /woff2/01d273202731e44f0f1187f3afcaf156.woff2 HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 42924\r\nLast-Modified: Fri, 29 Aug 2025 01:31:32 GMT\r\nConnection: keep-alive\r\nETag: \"68b102f4-a7ac\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 42924, version 1.0","md5":"3cecbd83e79ff7e17cd28b68ece9c08f","sha1":"40f6229a245f8f4d49ead2dff52be1169ee92f14","sha256":"d7eee5ab759751ca27c7880c64c79511d2853a2048c6301f71c5493bf2729e46","sha512":"b8afa9ca9b87a68357eb41fee3cf7b5e7c57528fb633727efe8155724ed76d8ab0a85a2d28a8afddf05d3e61e85ef2ffaeb30fd516eb13f81eb0d9ddfabebe5f","ssdeep":"768:EgszuxT1cg42FeX1xSIvLSrwC6LmTbPKv/vgi9jTXXFMkBP4mGtRp:Egs7D2Felm8XLSOv/vgi9jTXX2kemQRp","tlshash":"e513f1604cad1b6058f8bdc1d1007d3adb6f893cc13ca66abf99a4994083aef46e41dc","first_seen":"2024-08-19T16:06:16.332215Z","last_seen":"2026-03-04T09:13:08.365697Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1111,"timings":{"blocked":183,"dns":1,"connect":225,"send":0,"wait":251,"receive":451,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/png/home-ba.png","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.489Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /png/home-ba.png HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Fri, 29 Aug 2025 01:30:41 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68b102c1-12075\"\r\nExpires: Fri, 03 Apr 2026 09:12:40 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73845,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 900 x 677, 8-bit colormap, non-interlaced","md5":"824a5f7722203bbbe237ce978a7c47d9","sha1":"3ddf4ce54ee02f647e3c0e3d984b82f996bd1008","sha256":"05d65885cddf6c3496f776566aa9ace9cdb40af70603e35fb04f34e67006a949","sha512":"c26dfc343463e473b81f8257cb1d725668952dbe38bea0a0110eb5e534ee8b4fe62d54e36ce8ecbc0f208c78419a5e261107fd40e4adfaac46df7a80134d4027","ssdeep":"1536:sDL3A8RDtmW2SNMHGKEsevD8AOAZC1GCpHsGZ1pI42fg/d5N58Eft0d:WL3dDoW2SkETvDJOAepY4PN94","tlshash":"b0730254ad528fc36c331927a30fb54a3953afa682cb18b24c8477055d2be7a5f6f060","first_seen":"2025-11-08T07:22:22.811221Z","last_seen":"2026-03-04T09:13:08.368629Z","times_seen":2,"resource_available":false,"data":null}},"time_used":978,"timings":{"blocked":752,"dns":0,"connect":0,"send":0,"wait":212,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2024/08/2325931_CYT-Website-HomePage-Carousal-CGTTracker_081224.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2024/08/2325931_CYT-Website-HomePage-Carousal-CGTTracker_081224.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9d6fc2b3ce064b93-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff2\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\ncontent-length: 78196\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b43e2a4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78196,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261","md5":"e8a427e15cc502bef99cfd722b37ea98","sha1":"a9922842a120a7f1eaced667480c5e185a106d69","sha256":"d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef","sha512":"113775748a4166c07e58c26cf6db7fed473732dc6124b8ee0f0dcc0d6439eb2ab2c5d9e01c67324fdf9de4105349cf30cc5796a0b0e0ce9a08f337b9d4e10b7b","ssdeep":"1536:1iGQV8Q8UOUMUd5UY3qyCkHQCCz2LL1F+u3MHLGxe3U:QVWuF33qy7HQchFz8HnU","tlshash":"3273121cf567643ef6a8e05f3c38256d4fd5c724e2e68a06748db808c4ce71d90879b6","first_seen":"2023-04-05T08:37:56Z","last_seen":"2026-04-04T12:45:57.068851Z","times_seen":119637,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":159,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/css/common.css","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/css/common.css HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 15 Feb 2025 15:37:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4c4-f71\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e5b033e1840c9ced6b1373bd703f48c4","sha1":"39b3c23ca20086705ef134eb88b287704aad1931","sha256":"c2485a8fcb032d8921a78c0c0956e8842f4b6cdbcd2a0266cb1197ef96726f47","sha512":"f0c5d2797a9182391247dedae9d6449b46fcbda7f4b2ad8f30bb243cf474ae87bdb1fa48a4fbcd3e81e512e135b4acc0bab7e10478f99728dddfec414a92d565","ssdeep":"","tlshash":"818102b226353e44b519f4bcae60bfd19b2a4126bf0f0d562491b43cc3859f8077b28d","first_seen":"2024-08-17T08:27:12Z","last_seen":"2026-04-04T12:32:58.655219Z","times_seen":1208,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/local/tools/tools.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/local/tools/tools.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db9e-19436\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103478,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (924), with CRLF line terminators","md5":"8013dd6bd01a41c8ba3ab87b75e00384","sha1":"7c7ac71f61dbade812e8553ef798ab95b1292ff0","sha256":"e00d209a165a446a1882f368f65c9b87df4599bc70edf7fd176ee85113b33bf4","sha512":"ef9250434b83beb1acb886c6a7f48ca078611c452712459b789cde59a389f1f009cf6652f73a1e1c060000d5a8b6a1d06209e706729763456b74fa425211aace","ssdeep":"768:YhY+GyBfYY65VS27+8cVI+4T1NNa+Na0NaOqBaA32imH52FpJ8M/Q5tQ5+eNj2NV:KtGWfYBVS27+8cVI+Yjvzqsni08o0K9","tlshash":"b6a3a61a99702a5a417373b5593fe500f4214f3b01078846bc7ed6f85fb9a62a378fe8","first_seen":"2025-07-13T11:51:38.295866Z","last_seen":"2026-04-04T06:00:05.223033Z","times_seen":273,"resource_available":true,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/img/bg_icon.png","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:42.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/img/bg_icon.png HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/css/public.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:42 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Feb 2025 15:37:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4d0-3c2a\"\r\nexpires: Fri, 03 Apr 2026 09:12:42 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15402,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 948 x 404, 8-bit colormap, non-interlaced","md5":"821582b0c313e76c4f0d979664edf668","sha1":"dda5e9d9e4cee99daf3af76f83ffab6b712e7697","sha256":"a5c7914a21f1db358506caaf95ff6d1838769e4c303e6cfa5ebbacdb0b97643b","sha512":"160d5161b10f7bd73c5662b492bd83bd8caaaf1e140aa9d12e44e8aacd25d5124abeffa1d2f1ebbbe4efa0ca8e1b1ab5bba984057973d0677c5e88ef433d681c","ssdeep":"384:CzJsgcvepxLlsLiqMcNrr/OabQ+7211haD:C1sOpxAjrOaU+72jUD","tlshash":"2962c09588d5790b3e243be38e1524237a7ebe5342b0434b8606743e1f458bb286bad7","first_seen":"2023-05-02T12:59:34Z","last_seen":"2026-04-04T12:32:58.665674Z","times_seen":1322,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/Rectangle-15.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/Rectangle-15.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9d6fc2b3ce094b93-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/FFMarkWebProRegular.woff","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/FFMarkWebProRegular.woff HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:34 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\ncontent-length: 64951\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b58e9a4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64951,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 64951, version 0.0","md5":"3f92428d015f2a85c9d60852b48f63ce","sha1":"71512f2a5d56a68a93d84fa17069e4f0bcf54152","sha256":"bce6acfa1c7836bfc54ae0969cd71615ca66df8ac3acf29bbc56acdfbf33b9eb","sha512":"101f5728dc25f449de9204e92a0378e567a9eb46af898c54c58f65a7ba2a333eefab8ed5c553b14e40828362529d2e4b03ba64f8facc58e0df29849a5e0263d1","ssdeep":"768:s9kLxdD5pEBppBGiJQ9SYi65u8u39ipKPIDXQAochb8pwM/TyfYibNFY4Nw87tIY:s9OySA39fI7z7dgwMoYMMzGBHt","tlshash":"ad5302e2eaff4456c463a37b17ab04860c73dd68e282422474cbf2a4313277f5b92553","first_seen":"2026-03-04T09:13:08.350464Z","last_seen":"2026-03-04T09:13:08.350464Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.woff?78cxts","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.woff?78cxts HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:42 GMT\r\ncontent-type: font/woff\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:34 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:14 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6907\r\ncontent-length: 38496\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b918904b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":38496,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 38496, version 3.0","md5":"586e3e39f500f7f8c8ee5384a6a12d97","sha1":"f5ec27cb8f3a0184191a11acc9732e669de3ad4f","sha256":"59c8a828c907c259290d2805f109dd2d8834eac7eae3669dd09fda8c053a0bd8","sha512":"3661303fb2ece4a51a28434cfd12bb1fa9c5d820ec236aec849ad87cd2e6ae61d28946a5d3b2c15d0464bbd402831f51f9cd36ca91ed197264761b992c9f0578","ssdeep":"768:07NTGRN81BlDMfMzyJEcZ+hSiiL3Dkddy9MLYss6E2ZJRs/LN6zI1Hzix5oXGnRj:07oAKEcZ0SiiLzkddy9MLYss6E2ZPs/","tlshash":"960349079f8bdb6dec2799bd8e3390601dfd8629833fd28e79852d46a4058f08d24b94","first_seen":"2025-12-01T03:03:40.703131Z","last_seen":"2026-03-04T09:13:08.376618Z","times_seen":2,"resource_available":false,"data":null}},"time_used":931,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":928,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/local/pk10/index.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/local/pk10/index.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db9e-15b83\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88963,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1920), with CRLF line terminators","md5":"15a3b151854fecbdec6d06a2a8cbf615","sha1":"90c01185ec0dafa6225fed673abffd2476a10a33","sha256":"0acb184791a34dac8ffd8d7c592d8797b10eba55d64e8501ddf932601ac7da59","sha512":"41659d3b0aa2b498c427b414c58f0f6eeac650fe81ac411a0e5075478addbaacc4512fcec65110db3035ef03cdbd4430f6adbad1e63b1842bec5b91cc1c81e71","ssdeep":"1536:YB3AYNIrixgC2UJga/6wEwwnwORfSBayIIuxwEI3C20:lr+Z/6wENwthhuxwEI3y","tlshash":"8993851976a4262660b773f2282f9504f5718a3792258c047cbda9d40fbec64b0b7fbd","first_seen":"2023-03-07T14:41:02Z","last_seen":"2026-04-04T12:32:58.570717Z","times_seen":541,"resource_available":true,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/woff2/element-pack0240.woff2?78cxts","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.985Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /woff2/element-pack0240.woff2?78cxts HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 18092\r\nLast-Modified: Fri, 29 Aug 2025 01:32:49 GMT\r\nConnection: keep-alive\r\nETag: \"68b10341-46ac\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18092,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18092, version 3.0","md5":"3709c3003230f7e3377f82c229e33296","sha1":"6e58cd0ab8f12d415a3a66a1c69beb7fedec8f1b","sha256":"62a29c2f4db1ee4b8d9cf32002ae19de09ea23f154b1c64bb71fca1d161d50fa","sha512":"8f12910839f3c1f8ea044204081848b6b3799f8accda1bb83b5093a6887e5a6650d148695050b0e5e61f80464ce18f21b915d32f84fecb2a8dc5777451401251","ssdeep":"384:60sxmH+2iJGYTRDImPUqNHpHQ9sM14fDgrxBzlCLZISQ9:RPhQGY9DgqNHpwj4fuxBxuZHS","tlshash":"6e82d1238fce8bda857b78d5450e092734913371399b248755ebce29b88acd2f46c9b4","first_seen":"2025-02-17T14:04:33.753747Z","last_seen":"2026-04-03T19:33:27.724739Z","times_seen":23,"resource_available":false,"data":null}},"time_used":828,"timings":{"blocked":407,"dns":0,"connect":0,"send":0,"wait":211,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/ttf/montserrat-regular.ttf","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.986Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ttf/montserrat-regular.ttf HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 365944\r\nLast-Modified: Fri, 29 Aug 2025 01:31:34 GMT\r\nConnection: keep-alive\r\nETag: \"68b102f6-59578\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":365944,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 15 tables, 1st \"FFTM\", 26 names, Macintosh","md5":"787ef76fe0a7d8e5470a86c4664b5643","sha1":"3a779308d246834f4b094d080cbc79ef798c96ba","sha256":"fcc9d724f96e2837f39cdda6415d8a5f73b9017807cd13157923f35ce70a5055","sha512":"25ac1a396d693a5488f026c1f0a756d933b10a655cf950e44615c0f180ec124e8cf690d75d875c7348aa37c7eb7949ffca7aebb326df5a3adc7c6a2d3b6c74b2","ssdeep":"6144:7bqoK5flDeY/E8kC76hvmR/R/1HzFQ0T/d01LL1pTO4AUSLWJ0NCqyic68Sklx9z:/NSJDR/R/1HSOd01LL1pTO4AUSLWJ0NY","tlshash":"f0745b47ff43831fda524e3466bae322a395e1b5af6e430bc4461628fc9b1d24dc49c9","first_seen":"2024-08-19T16:03:59.920483Z","last_seen":"2026-03-04T09:13:08.380191Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1164,"timings":{"blocked":703,"dns":0,"connect":0,"send":0,"wait":232,"receive":229,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/png/home-ba-mob-1.png","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.490Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /png/home-ba-mob-1.png HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Fri, 29 Aug 2025 01:30:41 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68b102c1-777f\"\r\nExpires: Fri, 03 Apr 2026 09:12:40 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 376, 8-bit colormap, non-interlaced","md5":"b1dabb877dc64ccb0125d70673b131f0","sha1":"d5fc2342ad64d54870f0e20889878572234057ea","sha256":"2672fd85964a598a18d1310e347642e98c6fdd0fa3df66c270fa423bc3309dfc","sha512":"cf594753a2394967ac3e2d70605f94a9fd9abbcbf4a019a3cf4c2878f0b84c1170872e25cb0ea8381fc42c86e86233ee90564e992ac42b6a238d14ab56475c5b","ssdeep":"768:dbUCjl69VQYIuxSno+elFQAbGLXfneYBc793pNIEkV:doCjoIuYnklFhKnBc+EkV","tlshash":"f1d2f1181ae48052141c439d9c96fb3585f7fcf249ee5d2db84afe2663f0a39584328b","first_seen":"2025-11-08T07:22:22.827141Z","last_seen":"2026-03-04T09:13:08.381971Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1025,"timings":{"blocked":794,"dns":0,"connect":0,"send":0,"wait":226,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 15:12:40 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:16 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-length: 459560\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b42e284b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":459560,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 459560, version 1.0","md5":"35d9d8d17344729e636b122ef44b7e1b","sha1":"2302c9d38e2fb3b64f0f4e64152a6b23ab6f8149","sha256":"edb1e4c879a22b1b413be44cb521a8f20fcc40e9ca1aa50c1c38cd45868de369","sha512":"34571a19e9eb0e902c2fd57806e09c242057249aa4dc794b89643884caf8cba48dd45cc82f9aebe4b6938248984e18187b86d9fcbe949718c69ccbda99b7ebf7","ssdeep":"12288:hl/hVTvxzj6uZieIDZt7Ox36wGyuazRQq/hVrs8VlF5lyCw7jjWQ:rICtJly0Q","tlshash":"5aa47c2be3d7cf6ec41698bb1d06a2724cf6d631823fe286be895c11d1098f84d7865d","first_seen":"2024-10-27T21:49:12.853634Z","last_seen":"2026-04-04T10:27:21.76581Z","times_seen":5238,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.ttf?78cxts","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.ttf?78cxts HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/ttf\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:34 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:14 GMT\r\nvary: accept-encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d6fc2b59ea14b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":38420,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, element-pack","md5":"81264e383668a47392bc99b0bcccfb79","sha1":"4dad7e05075d5004b134ec04b0db300d4753b99b","sha256":"166c19dcaca9f31c9abb65f9daeb6733cca93f4508ae83309cba30d6d7e79f5f","sha512":"b4f70c0fea962edb044e32218dc75c68537df58d381827c1c750cdfe430193c99f133716ff4d4bfc25c1ceb1940d108e3fff33ea8d88972f32dc58a87eaaa886","ssdeep":"768:/7NTGRN81BlDMfMzyJEcZ+hSiiL3Dkddy9MLYss6E2ZJRs/LN6zI1Hzix5oXGnRj:/7oAKEcZ0SiiLzkddy9MLYss6E2ZPs/","tlshash":"e80349079f8bdb6dec2799bd8e33a0501dfd8629833fd28e79852d46a4058f08d34b94","first_seen":"2025-12-01T03:03:40.763421Z","last_seen":"2026-03-04T09:13:08.384401Z","times_seen":2,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/jquery.async.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/jquery.async.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 902\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\netag: \"6980db96-386\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":902,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (902), with no line terminators","md5":"2e3cd10cd7579756c32b479d018996ce","sha1":"f802c0231c81b061352b3c7bb4c64c143ce353f2","sha256":"9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f","sha512":"f268b0dfed8599261280098146616a56bf347d56edaae23924373d6f09c09df07eae57e89cd05fc86175aaa6e3c6d1e12a987a5ee5bb5d678a8e65db3a04c421","ssdeep":"","tlshash":"4a119cd87791a6050752b46c077f211cd23638141c1f9558b6bef4e25c1931eb12e9b0","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.591031Z","times_seen":1333,"resource_available":true,"data":null}},"time_used":421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":421,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/pk10BaseTrend.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/pk10BaseTrend.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db96-1a2d\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6701,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6701), with no line terminators","md5":"6f6fadebe51378762442a2211edfef60","sha1":"abb6dd63e315112728f3540ef124480e4b1e9048","sha256":"441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e","sha512":"07072b7f0de691c11760da89619c378b0dbae068b540676c6bed50e9c1eb089716a1b235f10fb35730c3afe2ac42dc02ea67fbcc80e3551afc7d5507feb0d71d","ssdeep":"96:bWkh9UBeGm8ViMUrjjEgYQEHqSKFM4AJjCk:N0iMUrHEe0qSKFM48","tlshash":"43d1a919e1822126b25f3efcc63fd15880610fb0e598ee4c76fd9ab16d34ac65073d6a","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.663196Z","times_seen":1333,"resource_available":true,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/ttf/maxeville-regular.ttf","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.981Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ttf/maxeville-regular.ttf HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 43400\r\nLast-Modified: Fri, 29 Aug 2025 01:31:34 GMT\r\nConnection: keep-alive\r\nETag: \"68b102f6-a988\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43400,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 15 tables, 1st \"FFTM\", 22 names, Macintosh","md5":"debf8be5c1d1852ade57e874430325c2","sha1":"93fc8342a1a39fef3a46213e1b6ee6d3553b8641","sha256":"da241eac8c9fd33e12e17068cd1afde5abddd9c4ab8593473bef54076a5179b2","sha512":"1e5f825829502cbb1d18011645fd3fd16cd7086f2d6b473bd203b8a6801cd989737435ca66fa73336f0b3c4e2c877f0cf4dbd20c2ac739c38a578a9a324fe7dc","ssdeep":"768:y6segvDGMSTP1mK6Vj5Gjo55ea2SRg01y/oqiF6jgmdrg1DBJ:6egvDGMSo75trea2+F6jgmd0z","tlshash":"0c135a0d6383638aca60ed3c46205b55db35f8b0bcf697cbd4d15af7980fada6c4061a","first_seen":"2025-11-08T07:22:22.791926Z","last_seen":"2026-03-04T09:13:08.388544Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1103,"timings":{"blocked":183,"dns":0,"connect":223,"send":0,"wait":235,"receive":461,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/woff/elementskit97ac.woff?y24e1e","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.989Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /woff/elementskit97ac.woff?y24e1e HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: font/woff\r\nContent-Length: 459560\r\nLast-Modified: Fri, 29 Aug 2025 01:32:38 GMT\r\nConnection: keep-alive\r\nETag: \"68b10336-70328\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":459560,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 459560, version 1.0","md5":"35d9d8d17344729e636b122ef44b7e1b","sha1":"2302c9d38e2fb3b64f0f4e64152a6b23ab6f8149","sha256":"edb1e4c879a22b1b413be44cb521a8f20fcc40e9ca1aa50c1c38cd45868de369","sha512":"34571a19e9eb0e902c2fd57806e09c242057249aa4dc794b89643884caf8cba48dd45cc82f9aebe4b6938248984e18187b86d9fcbe949718c69ccbda99b7ebf7","ssdeep":"12288:hl/hVTvxzj6uZieIDZt7Ox36wGyuazRQq/hVrs8VlF5lyCw7jjWQ:rICtJly0Q","tlshash":"5aa47c2be3d7cf6ec41698bb1d06a2724cf6d631823fe286be895c11d1098f84d7865d","first_seen":"2024-10-27T21:49:12.853634Z","last_seen":"2026-04-04T10:27:21.76581Z","times_seen":5238,"resource_available":false,"data":null}},"time_used":1795,"timings":{"blocked":871,"dns":0,"connect":0,"send":0,"wait":226,"receive":698,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/html/jisusaiche/index.html","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/html/jisusaiche/index.html HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 02 Feb 2026 17:14:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db92-a977\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43383,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"06e2c6fc65ca122f63f9325bc2b390cc","sha1":"634132f56cf468ef0facb646c779a94db3cbe11b","sha256":"a533ea5ed166e5c42b3f59aec9fe562d0a32f4c2590bb54fc9864b389c143b9d","sha512":"797f293c885440522850216b9e4ca362abd285332898006ff997a8a4a6bd7ac58c2d7c0c316c8b02d0439d1051a660bd3a916ae9d699b678f85169ffa7dd4086","ssdeep":"768:UoSkTAkLf1fOpoLqFEHst7FLkTHlb0TlnhAkXfCjMmmf:U9FmtfOpoLqFEHstZkTFb0TBhAkvCjhi","tlshash":"f213dc2836aea52a022392c740b57b45b1dfcd35d7625a6bb5fb13b323c7d50780f12a","first_seen":"2025-05-30T18:13:25.45231Z","last_seen":"2026-04-04T04:03:46.134071Z","times_seen":368,"resource_available":false,"data":null}},"time_used":1459,"timings":{"blocked":624,"dns":193,"connect":211,"send":0,"wait":211,"receive":0,"ssl":216},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/Rectangle-10-copy.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/Rectangle-10-copy.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9d6fc2b4fe6b4b93-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/css/pk10.css","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/css/pk10.css HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 15 Feb 2025 15:37:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4c4-53fc\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21500,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"4ad2a39088656d3fbc9a8695463fb540","sha1":"c736fced00b9a629bb98d61e8e662394ff2afe53","sha256":"ce537293741ba0dbc920bd27a9bcfb575ce7382ea545f812071851932bf5a8f9","sha512":"c8648f0d3db43f80502064c7c0bf8a29345de217b3363eaa77e78c4a13f759c173f867743b80caedab875603c1d36c690d1ad8a82c001514ca9c64cb8d02a907","ssdeep":"384:Il/unsDrTtY0JMVYTJbtl/wqozQ2isEUc8JvWNJo4OD2bMX6t2Wn00LtK0N5djwC:Il/unsDrTtY0JMaTJbtl/wqozQ2ishcF","tlshash":"37a20439166a2d8db2539aaabff41fd63ec084150b0b42eff5d3ba1853c56702c631c9","first_seen":"2023-04-07T04:13:03Z","last_seen":"2026-04-04T12:32:58.639538Z","times_seen":1281,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/css/listHtml.css","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/css/listHtml.css HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 15 Feb 2025 15:37:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4c4-8624\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34340,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (34316), with no line terminators","md5":"9c6038ae0d2f46997ea6171df77f598f","sha1":"07db9052233146d321a89a6fae189c60265e82ee","sha256":"9e7e09c2601073ef8ded916184724483aed355e1bcaafa3bdc2454d812504b2e","sha512":"ce7e1107eca1308a20c52544c6fe227d52c2159293c3950618de369bb8c0850ebd1cc747ff554083a487b06c357451ae08ce73d5e7fcc2709b1e111cdddcc3dc","ssdeep":"384:cHjCKwnBiP99aHw35SfjVMaivIJ8DgF/iB3E1WuNlgK:cHjCe9aNVNivFDdE1WuNlgK","tlshash":"99f273397664374da0ffd1237aa07fcc2860d4c4c55b43b4ce6b3f61662b2622ba6395","first_seen":"2025-04-07T08:33:42.718176Z","last_seen":"2026-04-04T12:32:58.649336Z","times_seen":987,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/local/pk10/head_jisusaiche.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/local/pk10/head_jisusaiche.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 303\r\nlast-modified: Mon, 02 Feb 2026 17:15:10 GMT\r\netag: \"6980db9e-12f\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":303,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (303), with no line terminators","md5":"7d17eeb07e12644cc27e6d8f63353d70","sha1":"1074682081821f439af386aa7fba49778623e7fb","sha256":"9fa1916fb1f0ec143e93280bf4daea5e31aeaab49714b4a973b70c6e9edc50fc","sha512":"1beaa7a19ad419b36b051737ff13d9c31c2ec7d39fd4281e12fad2856e61b8c3b2cb82539a56c42ea9f959d4236fe68c5cef6a6658b8f1d0c8c0bf21187872f0","ssdeep":"","tlshash":"19e0c20a58373416a496b328591ec447b4967e89a083acac5e83e58124288cd681df2a","first_seen":"2023-03-10T09:25:11Z","last_seen":"2026-04-04T04:03:46.048747Z","times_seen":398,"resource_available":true,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/woff2/fa-brands-400.woff2","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.988Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /woff2/fa-brands-400.woff2 HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 81612\r\nLast-Modified: Fri, 29 Aug 2025 01:32:42 GMT\r\nConnection: keep-alive\r\nETag: \"68b1033a-13ecc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 81612, version 1.0","md5":"b4d6b90f14c0441aac364e194978408e","sha1":"142696d43851c8eba0f54c7b94c5f6ebd09703e6","sha256":"6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8","sha512":"feab357b65d7302cc6ca2afc86b84851c9b307ba68659fe9e6f7191ff38bdd1d38658e503124b6940f77f5c216b4400c23b8babcd6c13fac2313fa91e5269f09","ssdeep":"1536:mU9FSafiVK4eoDE9kuqu3GbcJuGiZmvfgFrsrr4l1ESfkmS3a+:mYFURoZCMLngsEl1DYK+","tlshash":"678312531fb0ab4ed86e9b3a171d7c3ba4cb2e224b4a704c1d5504068b7ba6d35f45c7","first_seen":"2024-03-11T23:30:43Z","last_seen":"2026-04-04T12:45:57.141565Z","times_seen":58739,"resource_available":false,"data":null}},"time_used":1062,"timings":{"blocked":831,"dns":0,"connect":0,"send":0,"wait":214,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/01d273202731e44f0f1187f3afcaf156.woff2","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/01d273202731e44f0f1187f3afcaf156.woff2 HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff2\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\ncontent-length: 42924\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b3ee174b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 42924, version 1.0","md5":"3cecbd83e79ff7e17cd28b68ece9c08f","sha1":"40f6229a245f8f4d49ead2dff52be1169ee92f14","sha256":"d7eee5ab759751ca27c7880c64c79511d2853a2048c6301f71c5493bf2729e46","sha512":"b8afa9ca9b87a68357eb41fee3cf7b5e7c57528fb633727efe8155724ed76d8ab0a85a2d28a8afddf05d3e61e85ef2ffaeb30fd516eb13f81eb0d9ddfabebe5f","ssdeep":"768:EgszuxT1cg42FeX1xSIvLSrwC6LmTbPKv/vgi9jTXXFMkBP4mGtRp:Egs7D2Felm8XLSOv/vgi9jTXX2kemQRp","tlshash":"e513f1604cad1b6058f8bdc1d1007d3adb6f893cc13ca66abf99a4994083aef46e41dc","first_seen":"2024-08-19T16:06:16.332215Z","last_seen":"2026-03-04T09:13:08.365697Z","times_seen":7,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":213,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.34.0","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.34.0 HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff2\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6907\r\ncontent-length: 98308\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b54e774b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":98308,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 98308, version 1.0","md5":"356aa21294786e12ce7c7b48f3300c5e","sha1":"d4bf95bf1e3f65aec8e79d27b9e7f46797a1876b","sha256":"fe03df9ef35bc2923e729d6f700aeba73be1de3207399840ac6dc8e4e77eccce","sha512":"fd0494957b1aa47c8aea2562aef5b9247fd3a27ce2b247839093d773315e0886a5aac956302e9aed3bfd0645ab5dd21023fb7e628fcc2ec4e5241f84fc41fe3c","ssdeep":"3072:0efNWB8pbF8tNwTFdSdaOpL3ar7OD/+GrQc3RjgR:Ti8pFINw5/OpD9GuzjgR","tlshash":"23a3025fa4a6c0ddf992c9aa36ed425680cb757ca3f79089019257721bc216bc04f7ce","first_seen":"2024-12-11T10:10:39.531709Z","last_seen":"2026-04-04T12:00:51.643204Z","times_seen":915,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":412,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/css/public.css","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/css/public.css HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 15 Feb 2025 15:37:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4c4-59ac\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22956,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7c54605cb3f71748fb879ee8e6b705ee","sha1":"f8c8be00cc570ee35564f543357034e6addd2500","sha256":"5256fc07502ba8b4af3949b231c9bece358850eb090c6c547e187ef423527f78","sha512":"a86d4d412d17e3be85097a53b5074e38a65900299ca40a7fc38a62fedf0c923d536a07974be98aabee1c71ab3560b05415c8f0e56813133182650b7bccd7db6f","ssdeep":"192:iSICtkWbE2ofggVdomdEP7WaGvuHRVrhF3hng65t71xTFq9YXRHecX6oEg8JYWYp:iSIyxh1r1eo","tlshash":"b4a2ca342cad28c9b11f96ac3d7a7bda4a1c8044de0f4e6cf1bb7db5b7492504272ac5","first_seen":"2023-04-07T04:13:03Z","last_seen":"2026-04-04T12:32:58.636431Z","times_seen":1305,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/img/cltj_img/icon-168index.png","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/img/cltj_img/icon-168index.png HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/css/pk10_Gary.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Feb 2025 15:37:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4d2-7031\"\r\nexpires: Fri, 03 Apr 2026 09:12:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28721,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 213, 8-bit/color RGBA, non-interlaced","md5":"9cadfe91f4676d8abaefd706fd002c70","sha1":"3c1f5c663282388d8fa739baf8dd77edcb5a82d0","sha256":"cba1227e78513169698e2b0cf72cd24505429292ecdcb849a8f8f33b9ae5e1d9","sha512":"84ac82a47f8550b13d6d4b804928489423f851c241810d19d268f983e8a5bdf0e98c4e43ca8bddd1ec7494cb34a3374cd3842d8c45a4153ebf4cc30536c52f70","ssdeep":"384:kT4cIpHlIlqQKlgSTxqtWplA+8ixwj08iZpaffwUeyAZ1+Cr444r+RRRkLHX42PT:kT4BYSV3qnc8ffwTB04DJq3LQdt2BI2","tlshash":"ccd2d0dfdc38c182e675ac713aafbf2aa029c2a194d19c0f94e2900c4d96c099dd57e6","first_seen":"2023-05-02T12:59:34Z","last_seen":"2026-04-04T12:32:58.623567Z","times_seen":1328,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.api168168.com/pks/getPksDoubleCount.do?date=\u0026lotCode=10037","fqdn":"api.api168168.com","domain":"api168168.com","tld":"com"},"ip":{"addr":"20.48.82.22","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:42.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"api.api168168.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:17:01 GMT","end":"Tue, 31 Mar 2026 00:17:00 GMT"},"fingerprint":{"sha1":"72:2C:9E:37:25:83:F9:B3:E7:A7:3B:9C:75:01:CF:1D:6D:C2:79:BF","sha256":"08:DF:68:1C:CE:56:7F:28:1D:02:97:8F:AC:F5:2E:D2:0D:F2:F4:A5:7A:57:8B:74:62:FD:B9:0D:E7:5B:67:C3"}}},"request":{"raw":"GET /pks/getPksDoubleCount.do?date=\u0026lotCode=10037 HTTP/1.1\r\nHost: api.api168168.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xy678kjw.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:43 GMT\r\ncontent-type: text/html;charset=UTF-8\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://xy678kjw.com\r\nvary: Origin\r\naccess-control-expose-headers: Set-Cookie\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1538,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"69528e6a4ade2193ee6930365a21976b","sha1":"e33a04f7b78e0b696dd24fef59e836bbf4761dcf","sha256":"1c828cc9c1b65545a911756cef8583b3bdd54ac0c32c40d953cb7ab95afb1771","sha512":"5053eba2606bc208aa32f31cb43aaeae9d44a7dbec1ada7f8fab3c9a787ea8d5388959ba4830a5277385d8bcec6ee908620af2343e838feec264dc7d7ab49df7","ssdeep":"","tlshash":"a7312786f94d39627e57a032f9eda470993b3a065ca64f6849c5cf18808cb4b7f04f56","first_seen":"2026-03-04T09:13:08.395745Z","last_seen":"2026-03-04T09:13:08.395745Z","times_seen":1,"resource_available":false,"data":null}},"time_used":465,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":465,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.api168168.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"station-lab.com/","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T09:12:37.377Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":599,"timings":{"blocked":599,"dns":0,"connect":209,"send":0,"wait":0,"receive":0,"ssl":216},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/woff2/eiconsa7eb.woff2?5.34.0","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.980Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /woff2/eiconsa7eb.woff2?5.34.0 HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 98308\r\nLast-Modified: Fri, 29 Aug 2025 01:32:42 GMT\r\nConnection: keep-alive\r\nETag: \"68b1033a-18004\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98308,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 98308, version 1.0","md5":"356aa21294786e12ce7c7b48f3300c5e","sha1":"d4bf95bf1e3f65aec8e79d27b9e7f46797a1876b","sha256":"fe03df9ef35bc2923e729d6f700aeba73be1de3207399840ac6dc8e4e77eccce","sha512":"fd0494957b1aa47c8aea2562aef5b9247fd3a27ce2b247839093d773315e0886a5aac956302e9aed3bfd0645ab5dd21023fb7e628fcc2ec4e5241f84fc41fe3c","ssdeep":"3072:0efNWB8pbF8tNwTFdSdaOpL3ar7OD/+GrQc3RjgR:Ti8pFINw5/OpD9GuzjgR","tlshash":"23a3025fa4a6c0ddf992c9aa36ed425680cb757ca3f79089019257721bc216bc04f7ce","first_seen":"2024-12-11T10:10:39.531709Z","last_seen":"2026-04-04T12:00:51.643204Z","times_seen":915,"resource_available":false,"data":null}},"time_used":1052,"timings":{"blocked":173,"dns":1,"connect":213,"send":0,"wait":228,"receive":437,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2024/04/home-ba-1.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2024/04/home-ba-1.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Wed, 04 Mar 2026 09:12:39 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9d6fc2af8ac845dd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":113,"dns":84,"connect":8,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2024/01/arrow-yellow.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2024/01/arrow-yellow.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9d6fc2b3adf54b93-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/blue-icon.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/blue-icon.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9d6fc2b3be044b93-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/Montserrat-Regular.ttf","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/Montserrat-Regular.ttf HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: font/ttf\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\nvary: accept-encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6907\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d6fc2b50e6f4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":365944,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 15 tables, 1st \"FFTM\", 26 names, Macintosh","md5":"787ef76fe0a7d8e5470a86c4664b5643","sha1":"3a779308d246834f4b094d080cbc79ef798c96ba","sha256":"fcc9d724f96e2837f39cdda6415d8a5f73b9017807cd13157923f35ce70a5055","sha512":"25ac1a396d693a5488f026c1f0a756d933b10a655cf950e44615c0f180ec124e8cf690d75d875c7348aa37c7eb7949ffca7aebb326df5a3adc7c6a2d3b6c74b2","ssdeep":"6144:7bqoK5flDeY/E8kC76hvmR/R/1HzFQ0T/d01LL1pTO4AUSLWJ0NCqyic68Sklx9z:/NSJDR/R/1HSOd01LL1pTO4AUSLWJ0NY","tlshash":"f0745b47ff43831fda524e3466bae322a395e1b5af6e430bc4461628fc9b1d24dc49c9","first_seen":"2024-08-19T16:03:59.920483Z","last_seen":"2026-03-04T09:13:08.380191Z","times_seen":4,"resource_available":false,"data":null}},"time_used":636,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":624,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/iscroll.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/iscroll.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db96-4db3\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19891,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19891), with no line terminators","md5":"3249e269b6bf59a9596ff4dd4908bd74","sha1":"16f804a74f66585bf01bb2217997a2a4ff0c4a23","sha256":"3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c","sha512":"f8fff231edd431cdad0e9426353abceb12ad72e1decfb110aa48f6b81fd061f9b2171bacba515069c1360df4a7cc451c1b0cdce380c4ecdd3849231bb4f07bc1","ssdeep":"384:KgC+EUMfCHqTj54QUX5WSMFqa7BU5TJe3c6OJsBeCWvtk7mSjjxaF:Kl+EUnqTDUX5UFO5TQc6OJsBetO7BlaF","tlshash":"2792a4889112338245ffb399dacb860d607a9339671750cc3929bffa6a447b843d367c","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.587289Z","times_seen":1334,"resource_available":true,"data":null}},"time_used":624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/config.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/config.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db96-2ac8\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10952,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (475), with CRLF line terminators","md5":"3dd88f111bcd4deb3c3a72e4a896e37e","sha1":"9cacd59cb319758376cbf978b5b8e7664fb5718e","sha256":"d8180dd3eae247c7d0754e200aa925af90d9145f0546966dd3c66383417caf21","sha512":"a9b03b5a708734bd18ad1128dd2906f1c44e3e7f5e4be716ad1052d3132cd5032db835ed984228cbddaa52c7799ac81c2e79b23bc433dc2c2e3685a6eba87492","ssdeep":"192:qSa/WVpaV8Sx4AKtPxlmrwGGfdc8tlCxohT:qd6I+o4tPxESc8tV5","tlshash":"1532201b844053a66173d779247a2e48e93a135b80059c5b3fbd4ac48f3be3a9059ffa","first_seen":"2026-02-02T17:19:00.443392Z","last_seen":"2026-04-04T06:00:05.14112Z","times_seen":64,"resource_available":true,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.629Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 397\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://station-lab.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Wed, 04 Mar 2026 09:12:40 GMT\r\nEO-LOG-UUID: 17114313951376068919\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":308,"timings":{"blocked":19,"dns":0,"connect":19,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.api168168.com/pks/getPksLongDragonCount.do?date=\u0026lotCode=10037","fqdn":"api.api168168.com","domain":"api168168.com","tld":"com"},"ip":{"addr":"20.48.82.22","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:43.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"api.api168168.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:17:01 GMT","end":"Tue, 31 Mar 2026 00:17:00 GMT"},"fingerprint":{"sha1":"72:2C:9E:37:25:83:F9:B3:E7:A7:3B:9C:75:01:CF:1D:6D:C2:79:BF","sha256":"08:DF:68:1C:CE:56:7F:28:1D:02:97:8F:AC:F5:2E:D2:0D:F2:F4:A5:7A:57:8B:74:62:FD:B9:0D:E7:5B:67:C3"}}},"request":{"raw":"GET /pks/getPksLongDragonCount.do?date=\u0026lotCode=10037 HTTP/1.1\r\nHost: api.api168168.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xy678kjw.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:44 GMT\r\ncontent-type: text/html;charset=UTF-8\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://xy678kjw.com\r\nvary: Origin\r\naccess-control-expose-headers: Set-Cookie\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":475,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"74911dc20d5edef348c12e31c869e0f3","sha1":"c47940377bba670b57aeddba3373f5f8dc290e7f","sha256":"2d4ff3bdd080eb72e85de5d678574217f9bbcf903cc865dbf295bad8edbc2e72","sha512":"c8c736baed710c20fe55656ee47119f6471bcdb821b7a95ca4bfb983a75b5224e62cf1290a573f0e851cbe520155e7135b08b22f2510439d4e023b33ad79c792","ssdeep":"","tlshash":"30f048aaba19351faec90f2ef4ebf275a4e012514e4c97d5c1fd0832274890db16fe80","first_seen":"2026-03-04T09:13:08.398653Z","last_seen":"2026-03-04T09:13:08.398653Z","times_seen":1,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.api168168.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/woff2/ffmarkwebproregular.woff2","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.982Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /woff2/ffmarkwebproregular.woff2 HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 51660\r\nLast-Modified: Fri, 29 Aug 2025 01:31:33 GMT\r\nConnection: keep-alive\r\nETag: \"68b102f5-c9cc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51660,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 51660, version 0.0","md5":"11692667299b9f4c491e59d7852558cc","sha1":"4957f46238a84776bfe11dd3d43616acd26e5a54","sha256":"6b4cc948e8012ac96ffa03a8ec345720bfd9fb6294864c79e683046cf49bcabb","sha512":"67c997d2d5eee4622cf1eb3ca539c9ecea26538b042831fc8b40ddccb9b4ec4e4453625c57614bafad20bfa3ffbaa95f9e90e941526ed1d0f77e77d21e82d958","ssdeep":"768:Ib7OFRC00kKmkvb8g9WjAnSOnan5eKHGCVrxgWhUXFmwp3c9aEvuR4gFw5l:IOrivb46SOYtmCV9yFrxc9amu3yl","tlshash":"8933029ec5544eb8356d28a32639c3215c1c39493fc55dec34e53a294bcaffa05f92b2","first_seen":"2025-11-08T07:22:22.812919Z","last_seen":"2026-03-04T09:13:08.400031Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1108,"timings":{"blocked":182,"dns":1,"connect":227,"send":0,"wait":236,"receive":462,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?9449080f1fd9d69519fb3ef29e931160","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.053Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /hm.js?9449080f1fd9d69519fb3ef29e931160 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":7487,"timings":{"blocked":7487,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.645Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 398\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://station-lab.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Wed, 04 Mar 2026 09:12:40 GMT\r\nEO-LOG-UUID: 8776601310916257610\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":27,"dns":1,"connect":27,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: font/woff\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:34 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\ncontent-length: 97804\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b9188e4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":66701,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 97804, version 1.0","md5":"a070803d12707820962acdd717540dbb","sha1":"40267e0255eb1d5589721bd5d71d8ec7ce246e33","sha256":"40c31f761c6a5141185e93388063c8f6b1a928293430e21b1281b70308e815e8","sha512":"e47160388887d0ad47eb74fefc123add7a3106bba71634e9a3aba7fed04234f85af8980df899c5e35f2fd839485a412d3c84e911398b5e66898684d3694f34b3","ssdeep":"1536:K6i88CupPduw7EIwOvnK9sO7ryI/vH7kM2UKNt3MlMFzwKMSXr:7svuNIwOPK9ly4vH7kkKNtclmcKpb","tlshash":"ae53013cc6dd3c11b2603af5103d26a492c0fdaaeda8159dce26bd0b35c8577b55eac8","first_seen":"2026-03-04T09:13:08.40203Z","last_seen":"2026-03-04T09:13:08.40203Z","times_seen":1,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/Sortable.min.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/Sortable.min.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 0\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\netag: \"6980db96-0\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":422,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/html/public/head.html","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/html/public/head.html HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 02 Feb 2026 17:14:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db92-532\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1330,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"626eb9ecd82619ad149f5b4aeb530720","sha1":"c69c26a74ba1c15ab35cb3b48242603bbbb83cb7","sha256":"dd472572f54f664106cd0ffc2a5e3266bbfe14067b202b26d29315a1479ed062","sha512":"0627d3cb18e744a86ee878194805d402182c839886fddf75ef16a2d9d5e273ead1d5e570b6ae518ce2217cf9e0cdea706aa8f34db6a8d72b3200ae31d9400d9d","ssdeep":"","tlshash":"8321e260f5ac6b2b40b323a2a17b8b45942f9d1ad3009c0076ee57f7278fa68710b545","first_seen":"2025-04-07T08:33:42.704596Z","last_seen":"2026-04-04T12:32:58.646869Z","times_seen":1204,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/png/home-banner-new-img-1.png","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.488Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /png/home-banner-new-img-1.png HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Fri, 29 Aug 2025 01:30:41 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68b102c1-15511\"\r\nExpires: Fri, 03 Apr 2026 09:12:40 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87313,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 900 x 677, 8-bit colormap, non-interlaced","md5":"ca727b4ad960b21c1715326fda79f601","sha1":"45cc4d2f898282573f4a5a97dd8f420aadc8c913","sha256":"1f726c48aec4fa1f1417470bad06061ab844310b439924f50e6a23a746a45d47","sha512":"313120261005b05c34f7930fefbac853f08bfc537baea0a0b90aae676cde9c3e1903baa7e6b815058fd3b948316c5c6f12475d3a6252195137df26acd7403c9c","ssdeep":"1536:ddKliou0SIIGJ7hdl9pB/+WpCuFE1L3dgPSLoSdJqLEgUM4F9DnxWie3n2W7/bmJ:ddKLSIIGJ7xNhpC2K7dgPSLoSdJqgBMy","tlshash":"fe830279bacad6435597c1cc4e7135be1ffc6106c8987482f74ce6d02a91ad024decae","first_seen":"2025-11-08T07:22:22.789854Z","last_seen":"2026-03-04T09:13:08.404205Z","times_seen":2,"resource_available":false,"data":null}},"time_used":917,"timings":{"blocked":662,"dns":0,"connect":0,"send":0,"wait":244,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/FFMarkWebProRegular.woff2","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/FFMarkWebProRegular.woff2 HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff2\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\ncontent-length: 51660\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b3ce0a4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":51660,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 51660, version 0.0","md5":"11692667299b9f4c491e59d7852558cc","sha1":"4957f46238a84776bfe11dd3d43616acd26e5a54","sha256":"6b4cc948e8012ac96ffa03a8ec345720bfd9fb6294864c79e683046cf49bcabb","sha512":"67c997d2d5eee4622cf1eb3ca539c9ecea26538b042831fc8b40ddccb9b4ec4e4453625c57614bafad20bfa3ffbaa95f9e90e941526ed1d0f77e77d21e82d958","ssdeep":"768:Ib7OFRC00kKmkvb8g9WjAnSOnan5eKHGCVrxgWhUXFmwp3c9aEvuR4gFw5l:IOrivb46SOYtmCV9yFrxc9amu3yl","tlshash":"8933029ec5544eb8356d28a32639c3215c1c39493fc55dec34e53a294bcaffa05f92b2","first_seen":"2025-11-08T07:22:22.812919Z","last_seen":"2026-03-04T09:13:08.400031Z","times_seen":2,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/11/cytena-bg-image.png","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/11/cytena-bg-image.png HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9d6fc2b4fe6a4b93-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.34.0","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff?5.34.0 HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: font/woff\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6907\r\ncontent-length: 120564\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b918924b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5543,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 120564, version 1.0","md5":"0313497b0b78c4b368a563d0a8d5f28a","sha1":"22f18cfe8dd15eaa81e5fc4b826f192c878d2a20","sha256":"0b477920282ca731d6e9315b84263ebb4365016b19e35d26161da5b86fbce225","sha512":"71e0294e1afcf3b32b458f3d3210f6faabca3f0ee9b5ae13f17ae0acd64df6a0b1827b37305109df871efde1cb93cb62eaafd9a7e5033dcf8d68c88403c31812","ssdeep":"96:nTLugb4WTgjWZhnxb3VO1kMArJivLw2nKXA/aAhyK/7othIs5:nTLuUlx8FAdoc2nKw/aAhB/7m","tlshash":"8fb1f6a5a3a6f380d50045f3e55b9aa73f2c8f32e4489c462ce69c735ee90a79b41734","first_seen":"2026-03-04T09:13:08.405581Z","last_seen":"2026-03-04T09:13:08.405581Z","times_seen":1,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/jquery-1.9.1.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/jquery-1.9.1.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db96-16b57\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93015,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"0ced1955d04ad67f93c642501960172d","sha1":"e346705c96ed71fef43144a893dc26f0d1ff2a81","sha256":"7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90","sha512":"c5fdcd09f23cbc4adcdc9ae38e7535eab9d10026b2607c21414cbb02258f0eb99bea0c8b53ee69129c62cf086898f4fec46d1a52f1170955b2b4d6ab0c636a47","ssdeep":"1536:g9sFlxCuYQ8kdpjEhDH19D7jXHi7mdG5bakVV6qN6MQDKwTYHUfn06dPGMIcXQWy:JXdURN6G7h8aGtvnx","tlshash":"b69319dd76c5b12247ab307d106f540af236599a280c8450f135e8fafc7898aa177f7e","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:25:08.251496Z","times_seen":1198,"resource_available":true,"data":null}},"time_used":420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":420,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/drawLines.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/drawLines.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db96-613b\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24891,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (24891), with no line terminators","md5":"7db0502baf867aa0663475b899ffb19e","sha1":"a69f4ef6ab52c62d9885dc55b733c8c37687383e","sha256":"8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb","sha512":"68964174935137b93491d1bea5e3fec05f068dabd36cf5670bb03c6c4eb30bdfbc493b8002eb8d1e46d7289f9c8430d25d230e1e6870d89fe53cf0f7be78794b","ssdeep":"768:uVYu93uZgDPN6cypp08tc25yBY/BEMXH7YE7cpv:u19MgDl6NppjtDwBY/BEUH7Yecpv","tlshash":"18b208eaf2863475818b63a9143f6749f13368156e06844cf479d8d26d38f8970bfe78","first_seen":"2023-03-07T12:24:04Z","last_seen":"2026-04-04T12:32:58.662456Z","times_seen":1333,"resource_available":true,"data":null}},"time_used":462,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.34.0","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.ttf?5.34.0 HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: font/ttf\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:34 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\nvary: accept-encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d6fc2ba69434b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":105540,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 15 tables, 1st \"GSUB\"","md5":"36c34a4603730d9e053d80b36e7a3376","sha1":"843900babf1b73732efd46b99ace0a6b90cddeeb","sha256":"89dec2c0458d0d047e3e969c04400387e37332ef458230161e793045b348d8c8","sha512":"0fe5b54ff1d0b1685d758f53cd15a23cc264ed44f14a61900bd1e501107d126562926f7bab3e36bc620fed1dc3d98dca63e28165078db5fc259b9f2d58256610","ssdeep":"3072:0f3irUTrnfpe+ZHMpgpTgfvAiLqyjA66PZf9/H2vYzI/6LfDUQ9GkfxW+TRea5dq:0sYnfpe+JMpgpT0vHLqEA66PZf9/WvYU","tlshash":"c9a36c1bafd5eeefdb36157e449e9612e167dd110033a2c7ab0ca1af5e611c804b0dac","first_seen":"2026-03-04T09:13:08.408511Z","last_seen":"2026-03-04T09:13:08.408511Z","times_seen":1,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":184,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/img/haomaimg.png","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/img/haomaimg.png HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/css/public.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Feb 2025 15:37:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4d0-2c891\"\r\nexpires: Fri, 03 Apr 2026 09:12:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":182417,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1204 x 600, 8-bit/color RGBA, non-interlaced","md5":"e2e251464ed0269900791e37a8557086","sha1":"f26741ef593f9fa19c145d34a1d90b70ee90fe26","sha256":"2cd69edba71483d88d9663a598f00d975a52b3a8a8422e7c9d50fd1ac3f0464b","sha512":"c0376b445e92a7ad916811bfdc640d1d17d6af7acf16f19f023e41fbf69f17e6bf0cf068b32364e6dd1731125115d9456384b156f6bf0c274d67c98c06e3c0aa","ssdeep":"3072:PTWUHyie4FLR3c2PbYLNYACAb2jwDLp4AZm9xGoTgg1nRHnwQNzvZVha09+m:PTQieQR/PcLNOAb28vpIH0QBNrha09+m","tlshash":"a80412c3ad012d7bde40657e4d9b4b1e424090f01cb657a4af1cfef8abd34e6486a61b","first_seen":"2023-05-02T12:59:34Z","last_seen":"2026-04-04T12:32:58.615525Z","times_seen":1328,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/woff2/fa-solid-900.woff2","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:38.987Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /woff2/fa-solid-900.woff2 HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://station-lab.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 78196\r\nLast-Modified: Fri, 29 Aug 2025 01:32:42 GMT\r\nConnection: keep-alive\r\nETag: \"68b1033a-13174\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78196,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261","md5":"e8a427e15cc502bef99cfd722b37ea98","sha1":"a9922842a120a7f1eaced667480c5e185a106d69","sha256":"d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef","sha512":"113775748a4166c07e58c26cf6db7fed473732dc6124b8ee0f0dcc0d6439eb2ab2c5d9e01c67324fdf9de4105349cf30cc5796a0b0e0ce9a08f337b9d4e10b7b","ssdeep":"1536:1iGQV8Q8UOUMUd5UY3qyCkHQCCz2LL1F+u3MHLGxe3U:QVWuF33qy7HQchFz8HnU","tlshash":"3273121cf567643ef6a8e05f3c38256d4fd5c724e2e68a06748db808c4ce71d90879b6","first_seen":"2023-04-05T08:37:56Z","last_seen":"2026-04-04T12:45:57.068851Z","times_seen":119637,"resource_available":false,"data":null}},"time_used":1253,"timings":{"blocked":827,"dns":0,"connect":0,"send":0,"wait":211,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/main.js","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.494Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 29 Nov 2025 04:44:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692a7a36-4d0\"\r\nExpires: Wed, 04 Mar 2026 21:12:39 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1232,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (477), with CRLF line terminators","md5":"70102457292100acb4885927b5f3a93d","sha1":"8b6f76aa25b28c140146c1df2074b66434f62397","sha256":"e702d7bf54ac1a6ec86a4b433bc3cb64924e23b9496099964a9474e59ca56471","sha512":"cc9c1ea4f3aa276f20fa096a0b80cf2a6b8461bcf2b548e3bbeb05853285ada52fae2ff6611a246f61b21cfa17e7225d3d516193c4ad7d5ddadafce34269ce7e","ssdeep":"","tlshash":"192189af598531a0d57b2391caa697bcfe7a8017471218b07c1c7b224b79c930426eec","first_seen":"2025-12-02T13:06:24.205401Z","last_seen":"2026-03-21T19:15:38.534998Z","times_seen":35,"resource_available":true,"data":null}},"time_used":618,"timings":{"blocked":368,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/Maxeville-Regular.ttf","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/Maxeville-Regular.ttf HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/ttf\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\nvary: accept-encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6907\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d6fc2b3ce0b4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":43400,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 15 tables, 1st \"FFTM\", 22 names, Macintosh","md5":"debf8be5c1d1852ade57e874430325c2","sha1":"93fc8342a1a39fef3a46213e1b6ee6d3553b8641","sha256":"da241eac8c9fd33e12e17068cd1afde5abddd9c4ab8593473bef54076a5179b2","sha512":"1e5f825829502cbb1d18011645fd3fd16cd7086f2d6b473bd203b8a6801cd989737435ca66fa73336f0b3c4e2c877f0cf4dbd20c2ac739c38a578a9a324fe7dc","ssdeep":"768:y6segvDGMSTP1mK6Vj5Gjo55ea2SRg01y/oqiF6jgmdrg1DBJ:6egvDGMSo75trea2+F6jgmd0z","tlshash":"0c135a0d6383638aca60ed3c46205b55db35f8b0bcf697cbd4d15af7980fada6c4061a","first_seen":"2025-11-08T07:22:22.791926Z","last_seen":"2026-03-04T09:13:08.388544Z","times_seen":2,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.api168168.com/parameters/getNoAdvertisingDomain.do","fqdn":"api.api168168.com","domain":"api168168.com","tld":"com"},"ip":{"addr":"20.48.82.22","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"api.api168168.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:17:01 GMT","end":"Tue, 31 Mar 2026 00:17:00 GMT"},"fingerprint":{"sha1":"72:2C:9E:37:25:83:F9:B3:E7:A7:3B:9C:75:01:CF:1D:6D:C2:79:BF","sha256":"08:DF:68:1C:CE:56:7F:28:1D:02:97:8F:AC:F5:2E:D2:0D:F2:F4:A5:7A:57:8B:74:62:FD:B9:0D:E7:5B:67:C3"}}},"request":{"raw":"GET /parameters/getNoAdvertisingDomain.do HTTP/1.1\r\nHost: api.api168168.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xy678kjw.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:42 GMT\r\ncontent-type: text/html;charset=UTF-8\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://xy678kjw.com\r\nvary: Origin\r\naccess-control-expose-headers: Set-Cookie\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1953,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"7ecdd0ccad41cd367a2c8ee896934a33","sha1":"81a85a497a6d3c1690aec93a1d32d8df034cb9c1","sha256":"ab2996705a41b5da716b687ca0d29d6601350807116ac265e5a17a0ea47a70e1","sha512":"a972c5d286ae479e80fd58d0a812cd0bd4ed618b92f22a44f33638338bbc810a5ddf8a4885fcdd906cba8124f2abbf5508965d0b433b0d512faf6f8e98ade325","ssdeep":"","tlshash":"e041f17b6f1c35db32a506d12ee16c84417cac761f71d8f59729320584e47ac0e5e2de","first_seen":"2025-08-13T13:08:13.288581Z","last_seen":"2026-04-04T12:32:58.640133Z","times_seen":1118,"resource_available":false,"data":null}},"time_used":2196,"timings":{"blocked":963,"dns":236,"connect":242,"send":0,"wait":265,"receive":0,"ssl":487},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.api168168.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/html/public/footer.html","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/html/public/footer.html HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: text/html\r\ncontent-length: 192\r\nlast-modified: Mon, 02 Feb 2026 17:14:58 GMT\r\netag: \"6980db92-c0\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":192,"size_decoded":0,"mime_type":"text/html","magic":"exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"098da663f92341ce930a25fb7971face","sha1":"0ae170887c93016b120f912ba8abd9e8f3468c64","sha256":"3f7c04527e76666c241a4f75b13119ac19ffaed8729e3f0f48180a810e98f249","sha512":"3e473556835b74b6288b802a89e3e47fdc95f44d1419d0401533850e1a96d3c306ba29e08945f2bc91cff417caf57b88a77c945ced3bc9d807a37fe776f5bc9e","ssdeep":"","tlshash":"1cc022a0b004ce7a0493014301322788a593cac1e742d831a39006330363503980a446","first_seen":"2025-12-01T12:22:54.124501Z","last_seen":"2026-03-21T19:15:38.581296Z","times_seen":148,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.api168168.com/pks/getPksHistoryList.do?date=\u0026lotCode=10037","fqdn":"api.api168168.com","domain":"api168168.com","tld":"com"},"ip":{"addr":"20.48.82.22","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"api.api168168.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:17:01 GMT","end":"Tue, 31 Mar 2026 00:17:00 GMT"},"fingerprint":{"sha1":"72:2C:9E:37:25:83:F9:B3:E7:A7:3B:9C:75:01:CF:1D:6D:C2:79:BF","sha256":"08:DF:68:1C:CE:56:7F:28:1D:02:97:8F:AC:F5:2E:D2:0D:F2:F4:A5:7A:57:8B:74:62:FD:B9:0D:E7:5B:67:C3"}}},"request":{"raw":"GET /pks/getPksHistoryList.do?date=\u0026lotCode=10037 HTTP/1.1\r\nHost: api.api168168.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xy678kjw.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:42 GMT\r\ncontent-type: text/html;charset=UTF-8\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://xy678kjw.com\r\nvary: Origin\r\naccess-control-expose-headers: Set-Cookie\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":190623,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"a560205414951d1e3d26201ed28a14ac","sha1":"1eb4f18f68b54e4e9bc714e57383d48713635294","sha256":"c63428b1a3faa7a437f30a9901426810358c968923fe416df65b328632420809","sha512":"5892ccc3e4261cccd2cabed6229f2998a683cd109a5089198f3200857e4cf39dd66f0dd0165d7a548cf4313d1dc5aba45f8c36b1dbb39c8404ce9d50d633083f","ssdeep":"768:pJ9tc/EQAB/bC8MYn0yoIwVHo43FN24JqiWNGT:pTbOVZ1","tlshash":"2e145d06e9ad2a9336203476a9bffaf671b15f130d5d271683fedb3154c6d03269ea00","first_seen":"2026-03-04T09:13:08.412981Z","last_seen":"2026-03-04T09:13:08.412981Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2216,"timings":{"blocked":957,"dns":219,"connect":245,"send":0,"wait":303,"receive":0,"ssl":490},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.api168168.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: font/ttf\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:35 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\nvary: accept-encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d6fc2b9f9024b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":151368,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 11 tables, 1st \"GSUB\", 18 names, Macintosh, Created by FontForge 20201107 at Tue Mar 16 10:15:04 2021. By Robert Madole. Copyright (c) Font ","md5":"9bf03da2456263e3613b1f3bccd2c984","sha1":"44056bf1827333bce3ae0b958243c41ed0de6ae3","sha256":"7c6ce17d6e55fb2b5267880fd0939c7e2be6de99bb57fa56a7fe2f40146c0137","sha512":"451916b4328bbedc099b3c98e54ed292f45baca2a870bf88a78be9954b2ac3e47a6972e3c06c2479e4681515bd3d0628402afec2f765dbd87e83cef097a9de2f","ssdeep":"3072:6TYDV4qfkfphL23BeT/BJ7DLhmafpQE5hkWgL6:6TYDV4wopl6ufhma55hvU6","tlshash":"97e3ae5a73eecf9fc13269be08d1571a21f5a804e3022192fecb5d5ed0262cc4d69bd9","first_seen":"2024-03-15T16:39:23Z","last_seen":"2026-04-04T00:38:53.092929Z","times_seen":243,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":125,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:34 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\ncontent-length: 101652\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b59ea34b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":101652,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 101652, version 331.-31261","md5":"9fe5a17c8ab036d20e6c5ba3fd2ac511","sha1":"52751432ded489dfdf27fb1cf64c570c4c27a1d7","sha256":"74edc18b67c487e32f181719fdb347e2e77020744651f446e9acd7bd6821e2e7","sha512":"208ef9d3b8fa01fcecfd3473435d7d149234afe2436b6844e83efc593ad7009f5811ec1324431460b77eb5f39daf24cfb04424ef714f76bcf5bb9c47a0e294f9","ssdeep":"3072:e/ur724apSAm4tN37n8KMCsOK9UJCs8HWCIQ9TuT:eWrlY7L8RCe9y+HWCI2k","tlshash":"dda312489ad1da97a0e6fb6fe04374edd312cbc15e4987849d93e3485b4e24b0bf041e","first_seen":"2023-04-05T16:07:21Z","last_seen":"2026-04-04T05:02:54.086165Z","times_seen":1061,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/01d273202731e44f0f1187f3afcaf156.ttf","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/01d273202731e44f0f1187f3afcaf156.ttf HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: font/ttf\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:35 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\nvary: accept-encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d6fc2b918914b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":151796,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 15 tables, 1st \"FFTM\", 38 names, Macintosh","md5":"01d273202731e44f0f1187f3afcaf156","sha1":"2c7f0ac979dd9093a5bd23908ba3e38c82b1d0dd","sha256":"604a0df0c7045aa1985e79806b4c8dd6b428292ad2620a420584f3f739248624","sha512":"ef61a032f40116a2d40a7dcb0940207f84b6cd6dc368a0f311f32c4f12cf35e0e6955f05a01d949adbfe3f5a919e5bac3ff23f0008f5b07e69c8f72f252107ca","ssdeep":"3072:Kg/8HjZicQl2cuSoGTnwT22hR5JkBdnPqLpAWYGJnr:t04D3oGTnwT2275JkBdnPeAWPR","tlshash":"e9e37d4af3738b2bc8646637a751e31263e2f5616b7bc30fb08c59b4d4472d168e82e5","first_seen":"2023-09-16T15:12:45Z","last_seen":"2026-03-04T09:13:08.418059Z","times_seen":14,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/css/pk10_Gary.css","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/css/pk10_Gary.css HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 15 Feb 2025 15:37:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67b0b4c4-4353\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17235,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (17227), with no line terminators","md5":"de33a622685218df8a9df40eab336b97","sha1":"b43b2c47a2cfae500530df74e81f70598e526d15","sha256":"cf16f026f5d571890a8487159bfd866aa86385cd9a40a984c96abc5024121ccc","sha512":"988c97ea9731bcf713bc845b6e4740f58df32677a3eefacb5f951c72010f7c7a0f85ed441d44475712818b464f83a3425ad81a4146676eef94280f12ce78094d","ssdeep":"192:gF2iR/BwyqqNcFJW9Vh9+gQ+3o7d+pAgquH/kM:V4uqNcFs7hIg73o8AgqK","tlshash":"cb72463a56783244f377d2367bd1feac2921c140c2662b69cd67be35848e3063ea7758","first_seen":"2023-11-30T05:06:26Z","last_seen":"2026-04-04T12:32:58.584417Z","times_seen":987,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.api168168.com/pks/getLotteryPksInfo.do?issue=\u0026lotCode=10037","fqdn":"api.api168168.com","domain":"api168168.com","tld":"com"},"ip":{"addr":"20.48.82.22","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"api.api168168.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 00:17:01 GMT","end":"Tue, 31 Mar 2026 00:17:00 GMT"},"fingerprint":{"sha1":"72:2C:9E:37:25:83:F9:B3:E7:A7:3B:9C:75:01:CF:1D:6D:C2:79:BF","sha256":"08:DF:68:1C:CE:56:7F:28:1D:02:97:8F:AC:F5:2E:D2:0D:F2:F4:A5:7A:57:8B:74:62:FD:B9:0D:E7:5B:67:C3"}}},"request":{"raw":"GET /pks/getLotteryPksInfo.do?issue=\u0026lotCode=10037 HTTP/1.1\r\nHost: api.api168168.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xy678kjw.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:42 GMT\r\ncontent-type: text/html;charset=UTF-8\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://xy678kjw.com\r\nvary: Origin\r\naccess-control-expose-headers: Set-Cookie\r\ncontent-disposition: inline;filename=f.txt\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":750,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"794801e54d372a82b66f9b8d8df82d69","sha1":"ccdbddbe21b48d7c1eedadef2ddb187618664966","sha256":"da074f751989a65d9b863cb93a7152731fe3ebea807aa27d8938343357be0a85","sha512":"e379aa3d9251a3aef4011bff97aa6edaf07ac0b58e2d3c881af1d9c5c71b4a7b7a5814d062c7052ec9dd6b105d70e9ab3cb5d75fbe8c5871427b89109b087fab","ssdeep":"","tlshash":"82016856e89c7ef97b5190b7b936a5e925a533861c9c2fd083beef2010864322a4da40","first_seen":"2026-03-04T09:13:08.421589Z","last_seen":"2026-03-04T09:13:08.421589Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2204,"timings":{"blocked":976,"dns":222,"connect":248,"send":0,"wait":252,"receive":0,"ssl":502},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.api168168.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"bd51static.com/7ry.js","fqdn":"bd51static.com","domain":"bd51static.com","tld":"com"},"ip":{"addr":"35.215.189.171","port":80,"asn":15169,"as":"GOOGLE","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.493Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /7ry.js HTTP/1.1\r\nHost: bd51static.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:39 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 07 May 2025 07:20:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"681b09cf-555\"\r\nExpires: Wed, 04 Mar 2026 21:12:39 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1365,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (554)","md5":"b49cd1dc0129f18f8ab76d9249e0f1d4","sha1":"83de531cb19e73636a45aef6c47de3317a61fdd3","sha256":"96cd0cf7391454455addfd9b6a7c18139072db87453b022adf2cabbf4beb119d","sha512":"c32d63254c6e11fa48d1f036e87c4494657bffdafd31c76c5d43fcfe885184e50e33b486a652b9d527cc59a6e9e8e29f6787d24c90b6956c26901090812f1094","ssdeep":"","tlshash":"6921f05f7c05e1246796383a33bfde9ce9ae0025241dd802a4eec4ac6d28ff90527b4c","first_seen":"2025-05-25T12:44:27.079127Z","last_seen":"2026-04-04T06:00:05.18873Z","times_seen":305,"resource_available":true,"data":null}},"time_used":700,"timings":{"blocked":239,"dns":21,"connect":220,"send":0,"wait":219,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/png/logo-cytena.png","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.495Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /png/logo-cytena.png HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Fri, 29 Aug 2025 01:31:36 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68b102f8-ad1\"\r\nExpires: Fri, 03 Apr 2026 09:12:40 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2769,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 203 x 45, 8-bit colormap, non-interlaced","md5":"fffd6b998c74cfe06a545b5abb836c80","sha1":"d47884e34359dc30ac2483c22e981fab73cb0c20","sha256":"8b2058c6cac309a0cf27b4a41f11013fb0fa75dde7c8fc51f81142e484d16305","sha512":"f3b29f12875ad335d8aa297bc6731fbc4e0ba8fdbce1caab4e9a1186e11e11a355950581fc395608b32c3cd0e5715b82665481e4e5d4fc554de037324e7312c0","ssdeep":"","tlshash":"6d511a618ccb3e9cf744f0fe5ee80500261ceb96e4e4215655a485c4e758144efe6ece","first_seen":"2025-11-08T07:22:22.76772Z","last_seen":"2026-03-04T09:13:08.424728Z","times_seen":2,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":618,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"station-lab.com/js/lazyload.min.js","fqdn":"station-lab.com","domain":"station-lab.com","tld":"com"},"ip":{"addr":"34.92.167.117","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:39.713Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/lazyload.min.js HTTP/1.1\r\nHost: station-lab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 09:12:40 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 29 Aug 2025 01:32:17 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68b10321-22bc\"\r\nExpires: Wed, 04 Mar 2026 21:12:40 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8892,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8892), with no line terminators","md5":"fb15a10a641a318f91e7e912e4f9c184","sha1":"bd41f67233facb96976ed7b8e7207d52c03d340e","sha256":"f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a","sha512":"49570d36e5b1ae3c3a4965f7d054258ff676326bee0d9399aa990926e9a762f699de1d09078debadc43b363ae51d740ba33f2e8c64bb223a73d3c62872ebb3d2","ssdeep":"192:pDvu5/2Pbq1Ztbat1oeeC9X8UnZ/HuuwJgbClRL/YeFG/uW1evaO3Ve:pTw/4QOx+R8puVY","tlshash":"b60233487946746b3973f0f6218f02ca353a24426ced6854a6e1f8e82d7858d1463f7d","first_seen":"2023-03-07T01:19:39Z","last_seen":"2026-04-04T12:38:43.861282Z","times_seen":50730,"resource_available":true,"data":null}},"time_used":570,"timings":{"blocked":338,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"station-lab.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/FFMarkWebProRegular.woff2","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/FFMarkWebProRegular.woff2 HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 51660\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b3ee164b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":51660,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 51660, version 0.0","md5":"11692667299b9f4c491e59d7852558cc","sha1":"4957f46238a84776bfe11dd3d43616acd26e5a54","sha256":"6b4cc948e8012ac96ffa03a8ec345720bfd9fb6294864c79e683046cf49bcabb","sha512":"67c997d2d5eee4622cf1eb3ca539c9ecea26538b042831fc8b40ddccb9b4ec4e4453625c57614bafad20bfa3ffbaa95f9e90e941526ed1d0f77e77d21e82d958","ssdeep":"768:Ib7OFRC00kKmkvb8g9WjAnSOnan5eKHGCVrxgWhUXFmwp3c9aEvuR4gFw5l:IOrivb46SOYtmCV9yFrxc9amu3yl","tlshash":"8933029ec5544eb8356d28a32639c3215c1c39493fc55dec34e53a294bcaffa05f92b2","first_seen":"2025-11-08T07:22:22.812919Z","last_seen":"2026-03-04T09:13:08.400031Z","times_seen":2,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":139,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.woff2?78cxts","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.woff2?78cxts HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff2\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:33 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:14 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\ncontent-length: 18092\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b3fe1a4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":18092,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18092, version 3.0","md5":"3709c3003230f7e3377f82c229e33296","sha1":"6e58cd0ab8f12d415a3a66a1c69beb7fedec8f1b","sha256":"62a29c2f4db1ee4b8d9cf32002ae19de09ea23f154b1c64bb71fca1d161d50fa","sha512":"8f12910839f3c1f8ea044204081848b6b3799f8accda1bb83b5093a6887e5a6650d148695050b0e5e61f80464ce18f21b915d32f84fecb2a8dc5777451401251","ssdeep":"384:60sxmH+2iJGYTRDImPUqNHpHQ9sM14fDgrxBzlCLZISQ9:RPhQGY9DgqNHpwj4fuxBxuZHS","tlshash":"6e82d1238fce8bda857b78d5450e092734913371399b248755ebce29b88acd2f46c9b4","first_seen":"2025-02-17T14:04:33.753747Z","last_seen":"2026-04-03T19:33:27.724739Z","times_seen":23,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":190,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/uploads/2022/05/01d273202731e44f0f1187f3afcaf156.woff","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:40.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/01d273202731e44f0f1187f3afcaf156.woff HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:40 GMT\r\ncontent-type: font/woff\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:34 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:33:11 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\ncontent-length: 67088\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-ray: 9d6fc2b59e9e4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67088,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 67088, version 7.504","md5":"eb8a0ce60b4d0b9c58bb4bca76d6b456","sha1":"e65b5187268df8c6c3b7846a635b4b965a4bf0ef","sha256":"eb5e78d45bf8cfe12991c6c62237192c6459cfe28552dcfb4bb674926f2d8127","sha512":"b25869204ce77c9379bef332956c1e0e7ea8cbeb73a9273caf8e410241f26e601d0a06dc569e515346b4583946cd6c52996422523fb3a9ad19a1f5eb0cc4143a","ssdeep":"1536:fhj8aPDXdTJZaTU3e5BKKGe+uK7T4Ztbyf1KMxgHD2sn:a8XRnaTUO5ye+77T4Zte1KVXn","tlshash":"a06302c2b9778d0fe05b217e44cee9eef5882e0995d8687ae815dc344edc5386c610dd","first_seen":"2026-03-04T09:13:08.42777Z","last_seen":"2026-03-04T09:13:08.42777Z","times_seen":1,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":292,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytena.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf","fqdn":"www.cytena.com","domain":"cytena.com","tld":"com"},"ip":{"addr":"172.66.146.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://station-lab.com/","date":"2026-03-04T09:12:41.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cytena.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 18:07:22 GMT","end":"Sat, 23 May 2026 19:07:20 GMT"},"fingerprint":{"sha1":"FF:70:CE:DA:75:41:12:34:07:55:C3:84:D1:D8:34:CD:6D:C7:C6:9B","sha256":"90:8B:94:F6:B6:84:78:30:34:35:46:F9:14:62:49:AA:21:40:1C:71:53:2D:89:21:57:69:93:78:32:8E:61:E5"}}},"request":{"raw":"GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf HTTP/1.1\r\nHost: www.cytena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://station-lab.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://station-lab.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: font/ttf\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=31557600\r\nexpires: Thu, 04 Mar 2027 13:17:35 GMT\r\nlast-modified: Sun, 04 Jan 2026 18:32:17 GMT\r\nvary: accept-encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\nage: 6906\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d6fc2b9188d4b93-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":202744,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 13 tables, 1st \"FFTM\", 28 names, Macintosh","md5":"605ed7926cf39a2ad5ec2d1f9d391d3d","sha1":"c1b9fae262f42868c075ac865a8ab34920e20a2c","sha256":"3d06af1f31cd83ace7a265a014b8fb5dee15770ecac8f7a55555190e627e03c2","sha512":"6ca7651cb70ee32be71ef4088443c4d47ffbf5047f8885bfd45468e34499a190e8f87256f02b4e6b988e7277e2d6a38d2881c1aa3f781e499fd56035f4e57d53","ssdeep":"6144:BtrDdIZG2nqJElpL3im9+3Kz9BngKbtPLLd5MK:v6TnSEl1yt6zzng0Lz","tlshash":"72144cddb69fcfa7c18687bcafd0bd3221e05f10325237e2bd46991e20669c494f056a","first_seen":"2023-04-13T06:15:57Z","last_seen":"2026-03-31T08:27:35.367566Z","times_seen":560,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":367,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xy678kjw.com/webapp/js/lib/date.js","fqdn":"xy678kjw.com","domain":"xy678kjw.com","tld":"com"},"ip":{"addr":"34.96.171.207","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xy678kjw.com/webapp/html/jisusaiche/index.html","date":"2026-03-04T09:12:41.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xy678kjw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 08:18:11 GMT","end":"Sun, 03 May 2026 08:18:10 GMT"},"fingerprint":{"sha1":"DE:E0:10:50:04:19:63:8D:3A:6C:CA:95:82:0F:6F:B6:20:D4:92:B7","sha256":"05:91:AA:21:AA:19:12:43:42:22:0D:77:42:78:53:83:9B:D8:E5:54:7A:04:30:8B:B6:BD:03:69:67:32:09:F5"}}},"request":{"raw":"GET /webapp/js/lib/date.js HTTP/1.1\r\nHost: xy678kjw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xy678kjw.com/webapp/html/jisusaiche/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Mar 2026 09:12:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 02 Feb 2026 17:15:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6980db96-1edd\"\r\nexpires: Wed, 04 Mar 2026 21:12:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7901,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7873), with no line terminators","md5":"d372d65bf3cac7dd5c8e01e537c1f3f5","sha1":"20d5f82e581928efd22c6422bc0fb6d30f30a4b0","sha256":"e9768904049bc1ebda895c104e828ca51fdfd0ba507c6af453738bd359580b12","sha512":"d3a60553c0d9854a973c563033bebf0c4ceb92699e3aac25b664195b66350089d20524a952c316f7faad5d2eba8dbc05d12bf0a9684bb2fbc3e34f29c09f8d24","ssdeep":"96:JUAuXHhJ376UYX6sfWdJVeAflACAEYB+zq0LfUvsHFH6+PpDQAyiDJpeC78Rf0rq:CAuzYXtANACAEXlc0DQIsRfPcmF","tlshash":"a6f11f4270303048237a91fc74ce928a25f06dffd61a415ea451fa8927deb7e2b7b219","first_seen":"2025-04-07T08:33:42.67714Z","last_seen":"2026-04-04T12:32:58.586801Z","times_seen":1191,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}