{"report_id":"e1b34cd8-3837-4452-b3eb-278009ca0dc7","version":6,"status":"done","tags":[],"date":"2025-10-06T04:21:23Z","url":{"schema":"http","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"title":"Claim Your Reward!"},"submit":{"url":{"schema":"http","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-10T04:21:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.ak2yy.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2022-04-14","domain_rank":0,"first_seen":"2025-07-28T00:54:36.726993Z","last_seen":"2025-09-30T04:59:18.726408Z","alert_count":126,"request_count":63,"received_data":384666,"sent_data":25808,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Astro:5.1.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]}]},{"fqdn":"cdntechone.com","ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-12-24","domain_rank":31929,"first_seen":"2021-12-24T17:09:58Z","last_seen":"2025-09-29T02:35:40.856993Z","alert_count":1,"request_count":1,"received_data":17280,"sent_data":378,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-10-06T00:34:29.689436Z","alert_count":0,"request_count":1,"received_data":836,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"datatechonert.com","ip":{"addr":"185.49.145.45","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2021-12-24","domain_rank":17968,"first_seen":"2021-12-24T16:44:17Z","last_seen":"2025-09-30T12:13:43.303099Z","alert_count":0,"request_count":1,"received_data":482,"sent_data":551,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"6c2875f1a9aa4e7aea000433b300f345","sha1":"19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8","sha256":"faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f","sha512":"8a3b447e6a31f96074144e2ad123595f40ecfeea5083cf8e1aa1d69724b490d55d505fef1cd8c27c4ac1bd097cc3e099d385f1de371e91a6a30f31d54b7a25d9","ssdeep":"","tlshash":"aa6000302f8030b280002002002a0022000a8080038000820080028a00228020820282","size":17,"data":"","first_seen":"2024-12-03T18:23:39.020248Z","last_seen":"2026-04-09T06:28:40.544203Z","times_seen":4994,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/h97254b1c-DuuI0eLv.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"1019a609db5bb944b0dad6d282b21723","sha1":"7a269106ace6a2456a30176a6125f494f6491e63","sha256":"34f9d6aa8c30b576df04452a49d4872762ecefe2eb99a3b69723e61235f38722","sha512":"1fa644283e24645899ba097c7b1a396f5704eee9ff92b31601c0347ad84dd45ce707008c14fd21e38c000d2d88d481807a77ca80bec60c5334114574255e3a8e","ssdeep":"768:dkVs2ySwKPusCqhN5yWvTghMhq5InZGglOhXRaAATx+Ew70QfIUd6krYebRlNA0k:SVFvwKLQhbATx+EE9dAykafPwh5t","tlshash":"bd434f9ed2129fe988b31798b95c2a11b22d0d0ded4981b0ecdf0f161b6dc87217b79d","size":58298,"data":"","first_seen":"2025-10-03T19:54:09.785256Z","last_seen":"2025-10-06T07:31:07.109312Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g7004738-RvWgQyis.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8afe514cc54e977f97e7525a5d5aaef4","sha1":"9220f7c58014732af976ac87facad94dbefc7dbb","sha256":"dcf182b8d4d0fede6a8bf5066fcaaf0349b0a57cdf24a80d8bba999fe41a68c5","sha512":"862790ff35d6d7ddfddb9a61ceb8fc5bbc11cbd0083d628a942e7296885e52fa600e24948f984106a6d9c04e491ce101d02c89e99b55d5464c1ff8d6895cba00","ssdeep":"48:54ighIUhvH++y/MU5NA4ZY6mYgAa0jRK3sNrNFLgtlzTVQyguQYKfSGF2J/s0Vgb:5Lga8Fy/L5TZLB/ONckOXCmnLSqSjCkO","tlshash":"f8b197bad254772ca13752dff2888a4cc9242941e367cb2ae3fe5b39035115912b9af1","size":5586,"data":"","first_seen":"2025-10-05T06:29:29.134472Z","last_seen":"2025-10-06T06:19:23.570441Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","size":16490,"data":"","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-09T02:04:50.43899Z","times_seen":9062,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p407bf384-G5LPkhlX.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9bcb1fc037d2409325880293b4f16512","sha1":"f90f674701c0be73c89a2d80e785c5e3b4951f3b","sha256":"676ecde82e041c768b0cc7d074feeaae87f220c1c05080ca428a1ee0f9dc0447","sha512":"439fe5ed194a72a39128b2d70900b8007ea3b5dd6ab326d1d306f6c34e197a416cce6b2c8b578d53012d9a3553c35be814f5a91ce4ecd254e12bd7160541888b","ssdeep":"","tlshash":"9b11238b05f047e6c1a332dfd5125140755a54333bcce7d6a2ec0b39072228aa618f82","size":892,"data":"","first_seen":"2025-10-03T19:54:09.72618Z","last_seen":"2025-10-06T07:31:07.108581Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0fbb7dbae3c20bc81da1b8bf41c13e8e","sha1":"f333d36b1dbecd026483e78eac843bdeb2dde04c","sha256":"eeeffffc79c48f4fbe510fc3fcdae29885a18a48ae121968e03fe502fb48fecc","sha512":"1e82716fa5da363b595ffc7b569caaa347df281bc89fb9d62dd89d2dec789280d9574694f6f78d250922e8d0d3bdc8a637f5748d7c4f4e5cb4e5465106542e0c","ssdeep":"","tlshash":"9ff0998af3c8b623410666e5321b801be67e1851b407a864a0a088e2ac7a449c189f3a","size":636,"data":"","first_seen":"2025-03-04T04:04:04.143618Z","last_seen":"2026-04-09T02:04:50.442584Z","times_seen":3341,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p38d410fe-jDQcAAHE.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"e76bf4e46e005b5f0b9cefc8adff0ecf","sha1":"ab3b1146c00dd2e0a2ff9a8adb3a853e8bd03c6f","sha256":"c0930412c1702092a38dff42130f07588699f1fe9d7d05b2a0072f9320095b62","sha512":"709f06a144e678f50e7ac93481a2b1e1272bf615bcbabbf3a36b562ffba14b31a2927deaae4843a70358567d3e01605d2ef6ae4acacbbeea816d2540623ff71a","ssdeep":"","tlshash":"7a61446967fa3b6f4ca92b7a524dc10f163e1c0ba489c6346c97cb2cfd5059c38b0b51","size":3231,"data":"","first_seen":"2025-10-03T19:54:09.823931Z","last_seen":"2025-10-06T07:31:07.122128Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/i56b7e6ff-COuB6Raa.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9ab975390d8115cb8a64837372b9c8dd","sha1":"3f49c166231c3e404083161b1befc4199ce31273","sha256":"5174602e539f11c86a8c617f87a964560d70839725a233376a9e5939bbaf2de1","sha512":"347d9bc3548844a6693028f457a665ebef7abe40a8fd78b3c5e8499c28a72bb3283cf7ea8f6b2f715bbf3b20e9b101c60c1397723e580c319048e14e41080557","ssdeep":"","tlshash":"e331128d94b0a2f981aa05ed8059e931631502177244ebb0b07d4f29976ce8fb917747","size":1466,"data":"","first_seen":"2025-10-04T01:04:38.757065Z","last_seen":"2025-10-06T06:19:23.569812Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/cdb4ef-CUrrH_ib.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c15f6b1428cc1731d96e055589ee9f49","sha1":"595808876158eb2c875296ae8e0ec10afc82d7cb","sha256":"ddd608ac18ac88b094db3d36c649e67ae53d51ddbf063ea0c43fcfa3cf230fff","sha512":"5e02d970e8afd6e905c1027b74b409cc706e8dbe7a8cfee0b1dc833810f15564642e21327fc56da7e368e8240fcf6c39eb12d88fa6201c0167267066874c2c8f","ssdeep":"768:raQWB93EFyzwaz4+BlYXed2vhfZk8eA02rtWPUfh0UpkEugFn1cL9g7AM8wC+KbQ:2QWqyMaz4+rvO01gpkgFnKL9D+//","tlshash":"476328a47456b03d47eb70b6903f1a0af37a000691ae475ce712caf52ba4d1d622ff5d","size":67618,"data":"","first_seen":"2025-10-03T19:54:09.80147Z","last_seen":"2025-10-06T07:31:07.118747Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dfd99552-n0HasRg3.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c15483655546c31e5f7487d816754022","sha1":"499ed0b736e2017a9b7e4fb50fc471aac3ac87d6","sha256":"e2a5d9ac544085f3b30e065657ce1d1c23ef11111f51c9614f9cef638c6d4281","sha512":"9b59ef0bd77346c51e1b638bcada784555b8588c1fcc0f8d8ad16ddd2056b12d0599d783bc505b2b4ed1e8a9526e1ebbac75323f0c6c85b2f36fe184816936eb","ssdeep":"","tlshash":"f731968ce950969c443529bdc36d14656f04377f53dbcb00e1b8383f12592c8b613f52","size":1646,"data":"","first_seen":"2025-10-03T20:26:44.051415Z","last_seen":"2025-10-06T06:19:23.547767Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g1fe175b5c-CapbLVyi.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"6c991d65acc7e7738b0a3e911b400415","sha1":"7f860f9fd875ed603eefa67da03f17578237f554","sha256":"5a21babb35f1471d2f2a241bd5e89d098fddba2f8436a997f0b4e3b7c24b1b27","sha512":"ea70aa2f59db9a5c2ac11afbef2a64731aa93501e5ccdf976c1b971bf9707ef3a5769a81163b9ceaf20c5c777843700697710de848ac568e587531979c9eee98","ssdeep":"","tlshash":"d5414e57d264a360b9659cf8c669b12171372347c7cacab0f0ee86741b6812ae31ca42","size":2432,"data":"","first_seen":"2025-10-05T06:29:29.138825Z","last_seen":"2025-10-06T06:19:23.577988Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d4c131-D-ZGdCsf.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"fb9ea37d2a6126124c24c220e3f6c5b8","sha1":"b9f390b482c233fbe76aec24a5a653e73cb2fd19","sha256":"1b61f600c156e5f4916f79f7f474a2fb7051586ca0d49b268bf7a47ef01a36a1","sha512":"22ce36089aa9e4d0ca665061f8064d6c2c0f18e6514b217c9d796ccf5198477a91e2fcbaba48f576861f3006adb8c6aaf5c40afd7c6c8cce49af101bae96da92","ssdeep":"","tlshash":"1461d854b2512bbca437498ae98e884d7a467b51df0ecf9af1fc642a03cc0497b1934f","size":3347,"data":"","first_seen":"2025-10-04T01:04:38.836525Z","last_seen":"2025-10-06T06:19:23.56467Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bff796c0-DIy-wx5s.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"7d70e2d4231b892a54573944d05f1e40","sha1":"6f3f27356f4dc0c3789e5215b237527508bba670","sha256":"d228c6f910e6554517adeadf31010c6c815478c4fbb4f73c436ba240dc150fa5","sha512":"cdfab1fe3fde7cef1383447d24e2d5840e5954c7a6cae56ffca4e559ce3ae43c461dbcefe61bf60c9b1c3f4b907bcf77f3b0640f13b8f23e3bd7f0d4bccd9035","ssdeep":"","tlshash":"ad3143ce26f02571855d14dcf63b71c5b07a1062718e8590c03d4e763eaa9cbc3b2a8f","size":1750,"data":"","first_seen":"2025-10-03T19:54:09.847218Z","last_seen":"2025-10-06T07:31:07.12103Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a57908e-BTUEIGJg.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c4fff0cc5ae289b0b99ca665e2ec1d78","sha1":"ef0b8a05c7658bea3253285705158e8d0de19153","sha256":"c6961c6bc30d6ddfa36a4a03d1abfd87f5edc94a1ffe48daf5405332dac8e819","sha512":"7d006cc18973757f86c96947d082c6d703623f3296066c53418e0532dffadd7909a88948da77df693bba5e0b1e887cde8ea3aa8265b520c073039449fb38ce5c","ssdeep":"192:GXe5In7VIdX5tVIA2IWTeYhveJxzlgngnkYIKCwHnHo9DpNC0lc:GXe5In7VIdX5bIA2pTeYhveJxzGEtIDW","tlshash":"f4e1e7dad4bc1b7aa7451ceef851112bc7212386219de9f0d44e8f7c2790b076039f99","size":6962,"data":"","first_seen":"2025-10-05T06:29:29.132527Z","last_seen":"2025-10-06T06:19:23.542923Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"df3f8e1ceacd5f1656193ee4efe6a164","sha1":"cbde94f5e67ef98af624dc3a30fc6cc548c80060","sha256":"858ea928c98e6197162fd5679e2d1d6b13aa89d0214f08e3e02751492c47b5be","sha512":"b0ec82f10502cc28e052e3470d7d3f3b60d79bd1cfc31541fb119a48f76649fa81976c2216e5d306284aa69b70e1486149061655d7900d5584c513818620f7bf","ssdeep":"","tlshash":"b3318587935a3b587c30e528096ced28820f49d158dd281e9fc40a476542b0fb9f8de9","size":1469,"data":"","first_seen":"2025-10-06T02:19:01.622779Z","last_seen":"2025-10-06T06:19:23.585191Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g10b308-nxcM97u7.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0901bbd2ad792c8ff544014b5d642200","sha1":"3923c623edb7c37a7f50fb294478370a2504b8b1","sha256":"7fb59cfd7cbde6da313c9236c9ee2da89ad6be891793e63df77d7b7b22329ecf","sha512":"521c2f52f2bb24bd554b3ea13247da5a9c28a18515cbff2157de39468c032401b1faab8297bcd4ba0385b33e3fc028c6353eb3dd484ae44d23e8721649264463","ssdeep":"192:EevXII5n5VdX5engMPzsPrFgIOkt/OtRiLE8i5RWbis4M1uH0Wi:EevXII5n5VdX5engMPzsPrFgLkt/60AA","tlshash":"8e02f79860d92e7cc1db4ceda9108459e23f0a69b94ec5d1d3ad6c7c419194422bbf8f","size":8374,"data":"","first_seen":"2025-10-03T19:54:09.750716Z","last_seen":"2025-10-06T07:31:07.126679Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/t522c608ff-CLmWCo0r.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"1ba47e5063d3b7037bddcd0898b2f901","sha1":"6822a9e9de13b81adf22ea0fac56d88566f4980f","sha256":"56a52b97ff3e6011305b53fde73a56dc41e0babe71854f4fd516bd005f948765","sha512":"f068872b48e76df88970baa0dacb1dea07ff4e85160d1b0342ff08a72dac6b5ab7877da801f7a3107a412cfdc4eb459c6e4b1bb05319972c39a2591cacbcd5e6","ssdeep":"","tlshash":"8651e08fd12610594f94cfb9fc7926573ae6c22a39c28d4863c4a83c41e4bd5227f7a5","size":3085,"data":"","first_seen":"2025-10-03T19:54:09.810823Z","last_seen":"2025-10-06T07:31:07.120417Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/cf705b-DJBJ8yhX.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"95ed3eedc0a3608216f722e795a94317","sha1":"956699f6e1798b349952a4274b5476d2eb290cb2","sha256":"c0eaa7de9055609202e646f8656fc602227ddad3aa183cf839207b5e8c320f13","sha512":"b47fea8d27a2c3e6c384e80227bf17d18cf480c1383bd5c7655cd8450a8787b32fc62b44de0440338c77ef78237170b777c71a0479431357ec81bde2455cd54c","ssdeep":"96:k/abuYz6zuxzvPdBb9QQNaAwNSygH/OgV+72:huYGSzv1B1g+yAOym2","tlshash":"0891348fb47920fc7697c69e7173e197163b21062989c1b4a5d74f3806a0249a37fb4b","size":4309,"data":"","first_seen":"2025-10-03T19:54:09.757231Z","last_seen":"2025-10-06T07:31:07.1154Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k06e0389b-BD3VBnuq.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f45a53fdc407595bf9460eecdb602310","sha1":"f23524f01cf0c7392c0d2d4eb064c02d35201bc4","sha256":"f8b00678741df33fee8cbc8273a40ff0cff02e9891142842d4c8a711238ead9d","sha512":"aaa671f19051236f5d25782d49e7ee43e7fe3f243864549436695819d5d809fec25dd4c6be00151907fa932ee1edf6dd878958571bf63dbd5e5c8fdccb59fe2d","ssdeep":"","tlshash":"7a01cb89dab0b269407f39bcc519604a66761137cbcf8f62f2fd57342759ac6f904213","size":730,"data":"","first_seen":"2025-10-05T06:29:29.143814Z","last_seen":"2025-10-06T06:19:23.581056Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e4f65f37-DvnaLLLN.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd0bdfb3226db8ea2be445cdc736170b","sha1":"28354796eb2bc0f00c8acd31c79bfe7ebc1a5385","sha256":"46435d64c90888b89b25d81709038182b322d806f1f5cb77905075dfe515be95","sha512":"91ac137d79e0a0dad84dfdee028e2bfd2ffaa131e810cfb645c6c5cc2a2cec1dccb98a4be3decd8b9b30947e0b4d12f6fa8dbb0d98e22a94ea42f5340211f1ef","ssdeep":"","tlshash":"1151b5be44d8a83a0a0c35dfd53681663d1828437c1dc9e1a57d8d2e23eb084e13de37","size":2712,"data":"","first_seen":"2025-10-03T19:54:09.728268Z","last_seen":"2025-10-06T07:31:07.11824Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/q5ee44c6-CxFn1JMn.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bfdb2e62e4d6638abae7a204b588168b","sha1":"5664d069b35db2a41300dad1926a7b91fe6a1c22","sha256":"6895af9d8691376837b02b73357fedcdcbc382617f05149bc8dafbc6a90692d7","sha512":"8ef432c7237016205f18cc531b0284dbd18c6123fd80794c28cf4607412d21398d5f37ff535f0506c9133efc925904ce545f0f09abc940caf991cf875baeb23f","ssdeep":"","tlshash":"8a71d8cdc8e5c534519f35de1028216076be4e1b742c8388907d0f3d8f5db4ae485b5b","size":3701,"data":"","first_seen":"2025-10-03T19:54:09.744607Z","last_seen":"2025-10-06T07:31:07.131048Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f2ea148b-CuXbrhc9.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"2553ae31f5fa9a71fed84798b5735e83","sha1":"0fd849c5741ab96d21664d4f9b8cd3018750e2fc","sha256":"ddf3eacee27a43ff3cbe83822ce1bd7a0ad3db0ec464bc0fa9a85e231e549328","sha512":"b109993391e5843b5665237c0bf50b4620809eb49a5609ece4b6f9e5349ce2658dbec7e7b3f986e794b6a9cf6bdb065f7a81d358a2fe43d103a37e308adf335e","ssdeep":"","tlshash":"d1413203b13292b5a155388fcb61724ef7b15b573ae8c4a4fc385c2153c958b9b2e729","size":2429,"data":"","first_seen":"2025-10-03T19:54:09.746566Z","last_seen":"2025-10-06T07:31:07.114239Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bcec8c4-BSR8zzSG.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9e9e6b8dfc6dc8bd0c6fa40320c38de2","sha1":"b23a7c07212273dd848deb698d5b1fe654e9edbb","sha256":"9e74b1d1908ae93f67b9eac8786be85fae8ea9a1538ad4bd7280293d23c665cb","sha512":"738da3e8f07d3bef15423eb74b2ac5eabb0827a691e288846df5b722e19dd96545e0ec1690b696506e16a141883d01e8eaaa68eb5216f696d4b954f7d2cd8669","ssdeep":"","tlshash":"cff0a2f546f015b8804a13afa278774339ac01b6239d5f52b13c8ea93744dc79700e8b","size":631,"data":"","first_seen":"2025-10-03T19:54:09.848563Z","last_seen":"2025-10-06T07:31:07.107624Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f45857d57-0EDmBYJf.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b160d9d8a7bec51a9a2e3977ade40cff","sha1":"3b913f1882a9efad26f5dbd4e607bcf09e963f2c","sha256":"51fe7eac778533573a29e220defab656a92e3afc2617929341ec952c5fc280c8","sha512":"521b455b00ba71a41a0104fe9d65d0cd0424f9c2889220ae332986dc526546bd0ccfd0d7c7e862fedc80e17fbd59dac96ee4b4fe3e674a9f51af3fc3e11c35d2","ssdeep":"","tlshash":"ff413057e46482a1582acdfcc075d425a57b2397d3c9cbb1e0de4a350b68239f206bc2","size":1919,"data":"","first_seen":"2025-10-05T06:29:29.137783Z","last_seen":"2025-10-06T06:19:23.56638Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j475f52-CqGMK-F-.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc0dc32553824bd37d64e968c445a50b","sha1":"c08bce23fcc848f23839a0d11febe3b92529f41a","sha256":"923a2bedae140e661971969ca8efb8d7a55d2048804c13d683e47f5166856c3c","sha512":"ba74226eb4d86eba3df3286eaa4fafa170d8c42a8be3900fb84640c93cfd828fcefc6cc3a60d9f4d4ac9cb96f3ad35daa5b9126cf8816e5fe2eff1816d12d659","ssdeep":"","tlshash":"5741449bd078027265119decc863a566b3ba601322dcf7f1e0ee4bf123a5226a218747","size":2374,"data":"","first_seen":"2025-10-05T06:29:29.135704Z","last_seen":"2025-10-06T06:19:23.552478Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/r1ca7ee8-ElEfeo3d.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"71144f8ac0ce34b4dee38cfab20de3c0","sha1":"2896fceecc1a75b41a1fab73bd6264ca0dc5ed6f","sha256":"c892b7c98c9b7ea953a33eae4cc1e04ab46c62f9ec49f2b68a9ec43d9c607172","sha512":"7bc68a80e1e40afe26422a2695d31aa1294f23d199ab66591bcc45ac86b592daff243502915692da2aca1ba4b2a8b201f1714748331c294b7628dd9d3b424b9d","ssdeep":"","tlshash":"5141969c84f8687880b95edcd276f633710e9933385d8ad5a06e0a36277ed825198b32","size":2046,"data":"","first_seen":"2025-10-03T19:54:09.724926Z","last_seen":"2025-10-06T07:31:07.12436Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/v9d8b4e8-CzkIiLlt.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e91ee5265b0ab62a0df1a68b3c20ab66","sha1":"7a0177dfde4db816b9411a5d7ca72513d0ed7a03","sha256":"4082920584190236e7cfda21553923a0c7059b680a39360bd8098d01fbdf5352","sha512":"4174eff24ace08af164daf89048372d4842358dc30b6b9eb32db644bc572a3dcb71c7e54ecba46c32f58d30f0f9196af7c1ce6d7deea79698db52f9611063b04","ssdeep":"","tlshash":"793140df89b04bf8c46b81e6e21af63473590647e28ca70590ae0d301732e4ad32ab57","size":1713,"data":"","first_seen":"2025-10-03T19:54:09.749453Z","last_seen":"2025-10-06T07:31:07.115996Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d8dfcb4fb-DtiKwHav.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"18f18b0a3912c75e68d857b1ea7355aa","sha1":"01fe0d375310ed977adb96971bcdbde64bc76eb7","sha256":"19b4630e6767d69ee5555ba1bef9b27694b252d2283d8d3a03ac2a8dca7d2478","sha512":"428259036742bc7c8af20e3b525af247ebd924d1d987d54b62da26979868d7df17791c5c9fa19633062a59688fe84c436531d384b043d42f1510930f964ad78c","ssdeep":"","tlshash":"54210388a1e003ad494f11bee27d604a78450233dfdddb51d5fc663d1beb0999901f85","size":1140,"data":"","first_seen":"2025-10-03T19:54:09.849732Z","last_seen":"2025-10-06T07:31:07.122643Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e447ea061-D57iM0vO.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"8f10a9278f3512779916ed780f4500a2","sha1":"5ed1189c39b1b44b1667bb273e97dd394a90c5eb","sha256":"0a8b2646bda8538ec825ca5dba7c9658f6a6aab27699e430aedcaea4822c1979","sha512":"e4d95f6d3042d96bbc41d0c532d785a93d3b3b64094deb4523bcc506c8332ef42ad3bd9e3981a9663d018a9055e106a47370d645b2eaf0899d57cbfdfc1b3a47","ssdeep":"","tlshash":"7e11124a7b64197d101915ecc014e920420556693bd80fe2f1be56be3b7afcd7c23b17","size":1066,"data":"","first_seen":"2025-10-03T19:54:09.752775Z","last_seen":"2025-10-06T07:31:07.123786Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"6c2875f1a9aa4e7aea000433b300f345","sha1":"19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8","sha256":"faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f","sha512":"8a3b447e6a31f96074144e2ad123595f40ecfeea5083cf8e1aa1d69724b490d55d505fef1cd8c27c4ac1bd097cc3e099d385f1de371e91a6a30f31d54b7a25d9","ssdeep":"","tlshash":"aa6000302f8030b280002002002a0022000a8080038000820080028a00228020820282","size":17,"data":"","first_seen":"2024-12-03T18:23:39.020248Z","last_seen":"2026-04-09T06:28:40.544203Z","times_seen":4994,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f7a580f0-BYhIXBak.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ed4fbc70cbdd8df6bf37eb280577118","sha1":"f582be984db2b16c97f6206e15774898ecd7bea3","sha256":"f0f24e73a09f7bda664c32eecec2c25e5a0f05f19da2d1d2f9e8241fbb756604","sha512":"5e35afdfe8d0a57d718eee1064c2e8dea68da4b747669286703804de2eb6da9ae6f8775d86fa83d1760738f7a8ffe7d33ab069b3639dfd7d8095a701783181ae","ssdeep":"","tlshash":"6a11ba8be6b4621061659efdd525e17822bb012b47cdcb32e1ef07790b211bde000e93","size":1050,"data":"","first_seen":"2025-10-05T06:29:29.148336Z","last_seen":"2025-10-06T06:19:23.575022Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n7266b7-D0RBAWxK.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4244bc1a202894b3871921bdc5db6456","sha1":"48d11b7480cd732f36a188126ec7636d1bb1625f","sha256":"81d2cb498daa52877bc3ba841e0d93425f85a970592676c9899822cab0d43b8f","sha512":"3b4fa589f6c1973a5f130427f72568cb6f20fe260f75f95f89aa82fd24105f1df4dc09a520aff6ecc3faed52fd78f44eed8504e2365b4d7543bda15ab5fc5202","ssdeep":"192:A5eXAPn7VIdX5tVIA2IWTelg8QumFVvUfyNdK0jZtDiF/0LDDazOY93cvuJBEZ:A5eXAPn7VIdX5bIA2pTeG8QuIvUfyL9v","tlshash":"e4e1e889d1ac0a76d212a8e8d980951fd27b3782728dcbd0e18f4df923c875591b6acd","size":6941,"data":"","first_seen":"2025-10-05T06:29:29.154198Z","last_seen":"2025-10-06T06:19:23.545254Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4c1af0f7b285642bb8af9be1358ccdf","sha1":"99684de7c628cfb3226e2859359829cd59044f4f","sha256":"1232c8f0c830c49e369ad8e76abf02d09bf431195fc82201480edc1515c217db","sha512":"b474f80e218865474416415cc857664a6f1e0934a4aa82ab217111f4baba262f92b0b9b69c5e5eeff8677b28bed39967e8752d16310a6b2d3bb60bd431603fcf","ssdeep":"192:8r3c1SyRoFCbsFOEzBr4WuVuYoe21WUfcdova4EUAMRjlehEeVGcnW/RGGb5ao8o:8XCbPm0WuVuYoe21Wucdova4+MRj8hDY","tlshash":"d922d6463ee7f2412e2467b1c07b9111b3f25952316ab192b91b7522786108fc3f3fba","size":10465,"data":"","first_seen":"2025-07-24T08:17:40.839961Z","last_seen":"2025-12-09T05:17:14.075084Z","times_seen":1721,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1cf6c595fdc466357498f504067cf83f","sha1":"2158f8e1963e28ee9028c6231ee4ad17df704542","sha256":"34597e7c1dd3a33f796a5cf3a541b3c34b24bbb7171c7233e4475a5af33cb4fb","sha512":"9a22ef7fcb11d6e078230461865a9e2d1e0b0a12c41ebfc3f5f4d139e85962c9522c72bd7ddee9719fe2c09fe72d383af7c37015924fb1694b96071337cb0593","ssdeep":"384:8yAnZmu3m//TrjY7zy0Ni5RG5TgDhhW0Oxn8l+9JAgVLNx0eqh881QMXFXnU7C:83Zmuk/yzywi5RGdgDhIRn8lPgVZx0e+","tlshash":"e08210d5df512050321ef70be267982276667e02b7ccb220a86f1361e1d3dd99b739b2","size":18768,"data":"","first_seen":"2025-09-22T19:20:25.036241Z","last_seen":"2025-10-13T15:36:21.000339Z","times_seen":449,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/v82c158-B138qOTr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"46346e4945372b182d1d6a15f6600bf1","sha1":"5c9ebda18ddfbddce34215c319311765d87fc50e","sha256":"c79ed1f0dc50a6471e962d8b34a48e83efd9f14fdfbd9fa7dcbccd221599cdd8","sha512":"1599daee32ac99bc9c686c133f3acb19ff62b6a5102289a68233ca6907c747780d097693e014b0677c91f8a3bb526260ea190b3e9e10dfade250cd827433281f","ssdeep":"","tlshash":"3bf09e8e59f0626a8046237fd16f9d45309502235acd4f55a27c5b7c1376a9eb901b83","size":520,"data":"","first_seen":"2025-10-03T19:54:09.775914Z","last_seen":"2025-10-06T07:31:07.129963Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c7fc01d5-uKiSnrbr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","size":421,"data":"","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e8dd6bea-BrnrHWC0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"4188f4de6a1e7e7f17ab8bb39aced471","sha1":"d76868a2c259d4b465177cda72633c30710e6ad4","sha256":"9580f3426a4d266e7634cc508bc0192ecc4791c6287e125247f8c34c6d3db53b","sha512":"43506fe670698c289bb0d8ce050c15e011465f6bfe904ebc12d1148cfe6fc7117614f910f52b41522079cfdefb294e2668bf2aeea9a5b7bf606778429ba86306","ssdeep":"","tlshash":"7401b8ebc5f0a768940f22ddd5291023379252474bcd8f81b0bc0a3a17a368a990eb13","size":747,"data":"","first_seen":"2025-10-03T19:54:09.724009Z","last_seen":"2025-10-06T07:31:07.128856Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w9b438a4-CgZyzUqr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"bd5efc8f85c6b8a41e0339d299167fe8","sha1":"65a108bfa2a71a2e87e0b9437306815b825c3b30","sha256":"cef84d17dfab6057751ebb114e31e871f708dc7a25e0c401662a584f1e918e3a","sha512":"a5397c30e312d823cc388efa2903abda4198b6bdb40283a5433e0273a795c66fae7d3a65eb210427e5138c674d9f4b54fb9975df760b601426710ad42a771dd1","ssdeep":"96:h0RRatOb/QIlnLp7hffez9YTGDQjzHQjPki8QjIIVzxJz6M9NzMmgUV+sszbCT9H:WRXDPnPfez9YaYg8FIVz/6M9FMmgUV+G","tlshash":"83b1a4c5d0a9dafd0dff6bde24a0c16273504e073c8ad934f2654c2a27b9c06a1ab747","size":5344,"data":"","first_seen":"2025-10-03T19:54:09.722104Z","last_seen":"2025-10-06T07:31:07.127235Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f6994b72-ZDiYypmw.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"326b25ebb739e13ee6a5102126923d9d","sha1":"8e3c39932f3a7075048e62636e317cedc5b664aa","sha256":"5713f852623cd387867dea077c120ddbe0fdd1762bd2ff0992952e8d8ad32f31","sha512":"02f964a5d77184922e101775f2e8fad9635a464acfde10114bd8c2bc48f43f6ac1880fc886cc81a04daee80cb7df79df9a0c6971b903f0210c65029db491c292","ssdeep":"","tlshash":"f501fee647fca7688814136dc4062101a61590b322fe8f90b17c0b2e23eedbaa619647","size":696,"data":"","first_seen":"2025-10-04T01:04:38.812053Z","last_seen":"2025-10-06T06:19:23.567397Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a6ace403-BtCsbJwl.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"6adc113a57d9a072b943c08c0e6ba367","sha1":"feef0fe40524fe106466fa1a62d2e057933d400e","sha256":"42b39b9abec5ce4bf97ff4dea03d8f5c610abc9d92e26afe346700d560961518","sha512":"9ea93b2d76adb80b9a1f67dc35ab3208994d2275e4b85a2b07fa5ad6b6409b3c8a9ebef9a3b5b1d02d82b778c49b37ef7432f9292225bf9d6de7783af8a0aff5","ssdeep":"","tlshash":"2ef0278687f05b98820b328dc5a528467588017752cc8f62f1bc1b796bab9eaf421757","size":467,"data":"","first_seen":"2025-10-03T19:54:09.852613Z","last_seen":"2025-10-06T07:31:07.123234Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"44646c74c0f3cc6057b374b25f9174c4","sha1":"23030f0c8e03e8415d14ae3cf5140fe73afc3b82","sha256":"58dd21a9e9358c46ae8658565555de40f6b9043ddfd2bb0c766c1266dc350b2b","sha512":"1cb30f6404970f58e51b2a0262651b62921bd7aef22003b0ccc7103b2aa463f34668caa59f2b98b616eb9af809083a4e46e3eb80a4e1892d51c1bfd714f34240","ssdeep":"","tlshash":"6971a67813511bb23ddd90a9dd286ec3dd95243485da887e744e5cf30618d4381befb9","size":3593,"data":"","first_seen":"2024-10-28T11:36:57.127078Z","last_seen":"2026-04-09T08:37:56.691068Z","times_seen":6014,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba0f4e77cb3d1968e8bb09e81cc6345e","sha1":"c3dabda4cfc7ed18627ba989f8ae8766b1ce4933","sha256":"7885d6bc09b192bdb9d4b2599239e210ae4b70f1773646a96c97a9a21c184487","sha512":"57baf1a1c836348e36fb6c38e649c142601110dd231faea9bc2a5c9c653c4b014dc4d02b3bbd7dad06a67eb2418bde568ca6f698086f9ce179718b5b1c56261a","ssdeep":"","tlshash":"f3c02bd612f36130f3ab40c7838f31c300207016027840d351014c70101c4494594e30","size":130,"data":"","first_seen":"2023-07-23T05:20:44Z","last_seen":"2026-04-09T04:30:56.554226Z","times_seen":6723,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j5765a6de-BcLuyUIx.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f31ad58f9752451edc6ba0932b3676a0","sha1":"3d3b008452d9e95d0aa59eefaff63e93d8411771","sha256":"d77bbd1203628fc23938dbece301e5233400dab806de6fa2639764f2cf21b5af","sha512":"138f979e299a833a869b92e95a2f8c91c9c865bdafcaf2d69385e73f2f8ac93fb1c981f3959a3757783355ba8995a055acb132a82d5fb30588ff0bb87cf483f0","ssdeep":"","tlshash":"d54197a972751b7cf00e459ef62d828ff0167786da4eca50f0bc4c1a175d890b746f81","size":2173,"data":"","first_seen":"2025-10-03T19:54:09.755966Z","last_seen":"2025-10-06T07:31:07.111293Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g99ae0db1-PAktByuT.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"640833f0d9ca87cc87df0b69285249f5","sha1":"e4a73e725f43e962fb31b6708401f68f9c805307","sha256":"02dcf133cdd74bb98dfc4ea5e3f1eb4c436bc105a190815f799022bf9e340b9b","sha512":"cdfec64705766497ed18bb5b1e43d799f2abac6bc14cfc4857cfdfeec854fe3127a8b0fd8e72417b998daa07003ed870cabf20d023d0ee7844559d13c6212703","ssdeep":"","tlshash":"db01dd8e49f86594c01621afc26a6252b2554127128c8ba6e23c0e390775abfba15f83","size":657,"data":"","first_seen":"2025-10-03T19:54:09.820394Z","last_seen":"2025-10-06T07:31:07.130473Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w0841e6fc-CrgqgaXS.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"379476baeb012a0843b82ed44fd99440","sha1":"73cc31ed4465aca9b9de68e4dda2327c993eb9cb","sha256":"45bbb84b7ca804ecc4a941dc7b8783432c240773de6d2da9fc2ea8601433cf89","sha512":"59a5c94d743fc251e7c9d36d18fa0f23b518f68f4f92e98d7081134d2b273807d14cab9af9e2d6cdcc9f5950677475f0bfd0bb028f7b05947492387ab1baec23","ssdeep":"96:YPEPNl4EJq3f65xSK7Vbf1BBp4ViIEtWvY0DIZTM/UshBrBBaGmb:YGqqPSK7VhBYiIE0w08ZTqUAtBaGmb","tlshash":"7581e8dda074117d69aa86d9c032e632732626d63088e2d0f05e0f3547bdd4ba2def47","size":4123,"data":"","first_seen":"2025-10-03T19:54:09.748106Z","last_seen":"2025-10-06T07:31:07.127786Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ea91ac81-BGMreeeV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"8506d4e19453aedbf3c1fc04342b89c9","sha1":"0e2bb5bdcf7088e8614858622e74e932b0c2fa2c","sha256":"184cd18e2112ed9660cd49257113c5aad97d659890668992cdc1635e21f374a1","sha512":"aea362c50d524712756f68f2889fc20a454c6d90196b625c6970314765b332c69bbca873363ba29779f6bcf904bb42f976a317349f70b3a85158398d0bd1b97e","ssdeep":"","tlshash":"a02100d1b6486b0ea53e3fddf0cb184036301123ce8d5683d2174722634fd49427dba6","size":1135,"data":"","first_seen":"2025-06-24T19:07:51.391409Z","last_seen":"2026-02-23T22:20:45.176058Z","times_seen":2159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b5ad3ba43-FnbX8Xec.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"418a2a319f05a9384aeb32aaf00801e1","sha1":"7c7ebee4d25be97f1955d74a1f2038f3f83f5968","sha256":"98ded6f2103faf355cb72eae65efc6a9b39457cfcda69c289f05264f9dd131c6","sha512":"2248ad019f45a7b8ec8e232f8d572be350fda0b589467db9a2f11802e10275d688117eac16f06322cd31a572f662c499c27a49e950204a8be717a4104df5aadc","ssdeep":"","tlshash":"af211181b6b2a4b907ba169ce0263305f4148d6616cdc7d0a2aa02362e94e9f9c3161b","size":1354,"data":"","first_seen":"2025-10-03T19:54:09.827618Z","last_seen":"2025-10-06T07:31:07.113181Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ab0523193-C9mQwbMu.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9f3b62746955150a8de00779fefda3df","sha1":"04f3dc2d260a488498ec36d7554309253699729b","sha256":"7d634871c22557bd2a9499bdf563aa0d5eff7f7f1ee33f30240af4837bae2c37","sha512":"299669813349cd4d327a806d967d195a58300278baf8a5de079c2b775fe6e192a03f2cd68a57104ecc4a07ce05b75710e29874cf910ba4a56ca4f3e4b9097856","ssdeep":"","tlshash":"aa3197fd18e8cd3462d946ddda395a123275560338e9de06f22b8aa4039cdcd861b73b","size":1876,"data":"","first_seen":"2025-10-03T19:54:09.853715Z","last_seen":"2025-10-06T07:31:07.119864Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c44283-CDAc77N-.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"a489417a5df60305e406aea2e7b34fa5","sha1":"e89addf03b2651fc2c1ea5d1b518da107ba2762e","sha256":"be06445588ce2a5edef5d63f4f8e367fe0d40930b4dfc76db8ebd3d033fad48b","sha512":"6674d1920de34e0b5cd53974b799f135624ebaf7a4a08f716b0d4a02172a161659792f585b63ee7c0b764828446684f82f7501c5e7c66550d1fa34f3300feb8f","ssdeep":"","tlshash":"2651940e426c14b950dc8aebad37090dbfba6017698c3ca9fc274cdc034ed9d825a97d","size":3164,"data":"","first_seen":"2025-10-03T19:54:09.856034Z","last_seen":"2025-10-06T07:31:07.121526Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"6c2875f1a9aa4e7aea000433b300f345","sha1":"19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8","sha256":"faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f","sha512":"8a3b447e6a31f96074144e2ad123595f40ecfeea5083cf8e1aa1d69724b490d55d505fef1cd8c27c4ac1bd097cc3e099d385f1de371e91a6a30f31d54b7a25d9","ssdeep":"","tlshash":"aa6000302f8030b280002002002a0022000a8080038000820080028a00228020820282","size":17,"data":"","first_seen":"2024-12-03T18:23:39.020248Z","last_seen":"2026-04-09T06:28:40.544203Z","times_seen":4994,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f2ea148b-CuXbrhc9.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/f2ea148b-CuXbrhc9.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-97d\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2429,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2428)","md5":"2553ae31f5fa9a71fed84798b5735e83","sha1":"0fd849c5741ab96d21664d4f9b8cd3018750e2fc","sha256":"ddf3eacee27a43ff3cbe83822ce1bd7a0ad3db0ec464bc0fa9a85e231e549328","sha512":"b109993391e5843b5665237c0bf50b4620809eb49a5609ece4b6f9e5349ce2658dbec7e7b3f986e794b6a9cf6bdb065f7a81d358a2fe43d103a37e308adf335e","ssdeep":"","tlshash":"d1413203b13292b5a155388fcb61724ef7b15b573ae8c4a4fc385c2153c958b9b2e729","first_seen":"2025-10-03T19:54:09.746566Z","last_seen":"2025-10-06T07:31:07.114239Z","times_seen":49,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ab0523193-C9mQwbMu.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/ab0523193-C9mQwbMu.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-754\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1876,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1876), with no line terminators","md5":"9f3b62746955150a8de00779fefda3df","sha1":"04f3dc2d260a488498ec36d7554309253699729b","sha256":"7d634871c22557bd2a9499bdf563aa0d5eff7f7f1ee33f30240af4837bae2c37","sha512":"299669813349cd4d327a806d967d195a58300278baf8a5de079c2b775fe6e192a03f2cd68a57104ecc4a07ce05b75710e29874cf910ba4a56ca4f3e4b9097856","ssdeep":"","tlshash":"aa3197fd18e8cd3462d946ddda395a123275560338e9de06f22b8aa4039cdcd861b73b","first_seen":"2025-10-03T19:54:09.853715Z","last_seen":"2025-10-06T07:31:07.119864Z","times_seen":49,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdntechone.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Oct 2025 10:37:11 GMT","end":"Sat, 03 Jan 2026 11:35:39 GMT"},"fingerprint":{"sha1":"1C:EA:64:D2:D2:27:D8:F8:14:68:7A:01:A6:9B:4E:C4:C7:D5:B8:DE","sha256":"4B:C9:99:7C:8C:A3:85:BD:17:9A:F8:0F:83:73:65:9E:67:73:5E:2C:89:B3:5F:84:D3:E2:5D:D8:FA:8F:FD:BA"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: cdntechone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 11 Jul 2024 10:23:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nlink: \u003chttps://datatechone.com/\u003e; rel=preconnect; crossorigin, \u003chttps://datatechonert.com/\u003e; rel=preconnect; crossorigin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rtILDXZxmemFHG211H9ygxXKsU7xSGlLakZFJak8rmXZaaVInNLjNwusjYv8IP0h5nQwhr5BBdl%2Bkvhq%2B%2B9od9fTPNnSA5VUAQRg2Q%3D%3D\"}]}\r\nage: 2552\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"668fb2b6-406a\"\r\ncontent-encoding: br\r\ncf-ray: 98a25e9e3b69b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16490,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15840)","md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-09T02:04:50.43899Z","times_seen":9062,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":37,"dns":27,"connect":2,"send":0,"wait":8,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 681\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: dbfd238566c0d6932dd5d5c4cb5b93d2\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-09T08:01:35.724157Z","times_seen":117441,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 760\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=7hnry42dk0iq5ek3wvdtazmcne1gtw0j; syncedCookie=true; oaidts=1759724461\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 9476c0717483c64575ebadb674cc02bc\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-09T08:01:35.724157Z","times_seen":117441,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p407bf384-G5LPkhlX.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/p407bf384-G5LPkhlX.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:11 GMT\r\netag: W/\"68dfe4bf-37c\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":892,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (891)","md5":"9bcb1fc037d2409325880293b4f16512","sha1":"f90f674701c0be73c89a2d80e785c5e3b4951f3b","sha256":"676ecde82e041c768b0cc7d074feeaae87f220c1c05080ca428a1ee0f9dc0447","sha512":"439fe5ed194a72a39128b2d70900b8007ea3b5dd6ab326d1d306f6c34e197a416cce6b2c8b578d53012d9a3553c35be814f5a91ce4ecd254e12bd7160541888b","ssdeep":"","tlshash":"9b11238b05f047e6c1a332dfd5125140755a54333bcce7d6a2ec0b39072228aa618f82","first_seen":"2025-10-03T19:54:09.72618Z","last_seen":"2025-10-06T07:31:07.108581Z","times_seen":49,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/t522c608ff-CLmWCo0r.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/t522c608ff-CLmWCo0r.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-c0d\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3085,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3084)","md5":"1ba47e5063d3b7037bddcd0898b2f901","sha1":"6822a9e9de13b81adf22ea0fac56d88566f4980f","sha256":"56a52b97ff3e6011305b53fde73a56dc41e0babe71854f4fd516bd005f948765","sha512":"f068872b48e76df88970baa0dacb1dea07ff4e85160d1b0342ff08a72dac6b5ab7877da801f7a3107a412cfdc4eb459c6e4b1bb05319972c39a2591cacbcd5e6","ssdeep":"","tlshash":"8651e08fd12610594f94cfb9fc7926573ae6c22a39c28d4863c4a83c41e4bd5227f7a5","first_seen":"2025-10-03T19:54:09.810823Z","last_seen":"2025-10-06T07:31:07.120417Z","times_seen":49,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/cf705b-DJBJ8yhX.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/cf705b-DJBJ8yhX.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-10d5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4309,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4308)","md5":"95ed3eedc0a3608216f722e795a94317","sha1":"956699f6e1798b349952a4274b5476d2eb290cb2","sha256":"c0eaa7de9055609202e646f8656fc602227ddad3aa183cf839207b5e8c320f13","sha512":"b47fea8d27a2c3e6c384e80227bf17d18cf480c1383bd5c7655cd8450a8787b32fc62b44de0440338c77ef78237170b777c71a0479431357ec81bde2455cd54c","ssdeep":"96:k/abuYz6zuxzvPdBb9QQNaAwNSygH/OgV+72:huYGSzv1B1g+yAOym2","tlshash":"0891348fb47920fc7697c69e7173e197163b21062989c1b4a5d74f3806a0249a37fb4b","first_seen":"2025-10-03T19:54:09.757231Z","last_seen":"2025-10-06T07:31:07.1154Z","times_seen":49,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bcec8c4-BSR8zzSG.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/bcec8c4-BSR8zzSG.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-277\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":631,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (630)","md5":"9e9e6b8dfc6dc8bd0c6fa40320c38de2","sha1":"b23a7c07212273dd848deb698d5b1fe654e9edbb","sha256":"9e74b1d1908ae93f67b9eac8786be85fae8ea9a1538ad4bd7280293d23c665cb","sha512":"738da3e8f07d3bef15423eb74b2ac5eabb0827a691e288846df5b722e19dd96545e0ec1690b696506e16a141883d01e8eaaa68eb5216f696d4b954f7d2cd8669","ssdeep":"","tlshash":"cff0a2f546f015b8804a13afa278774339ac01b6239d5f52b13c8ea93744dc79700e8b","first_seen":"2025-10-03T19:54:09.848563Z","last_seen":"2025-10-06T07:31:07.107624Z","times_seen":45,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w63ba5c1-BydDp76H.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/w63ba5c1-BydDp76H.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2822\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-b06\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2822,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d97b733d27b3d23b94f366abe4949987","sha1":"2864ceb8b1e13a08f4148ee00a914a3cae8382c6","sha256":"a73037b7383c7541863999285ed16cd2001918251e4d75d4f2a5e5fdc429ae8e","sha512":"6fdfe1c40444471feed324990f371f410defca6ab2a191d430742610123304e388e1fa71556b77a3b96426af67faead5c24ad1c6c322c8c47ac4c6c182bee9e3","ssdeep":"","tlshash":"66514c2c535f7910da8eac0c77a1874f0c474ed5807b9b3c14666615a72beb908fcb52","first_seen":"2025-06-27T08:10:52.459129Z","last_seen":"2026-04-08T18:34:17.494081Z","times_seen":210,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/i56b7e6ff-COuB6Raa.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/i56b7e6ff-COuB6Raa.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-5ba\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1466,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1466), with no line terminators","md5":"9ab975390d8115cb8a64837372b9c8dd","sha1":"3f49c166231c3e404083161b1befc4199ce31273","sha256":"5174602e539f11c86a8c617f87a964560d70839725a233376a9e5939bbaf2de1","sha512":"347d9bc3548844a6693028f457a665ebef7abe40a8fd78b3c5e8499c28a72bb3283cf7ea8f6b2f715bbf3b20e9b101c60c1397723e580c319048e14e41080557","ssdeep":"","tlshash":"e331128d94b0a2f981aa05ed8059e931631502177244ebb0b07d4f29976ce8fb917747","first_seen":"2025-10-04T01:04:38.757065Z","last_seen":"2025-10-06T06:19:23.569812Z","times_seen":30,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e447ea061-D57iM0vO.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/e447ea061-D57iM0vO.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-42a\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1066,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1066), with no line terminators","md5":"8f10a9278f3512779916ed780f4500a2","sha1":"5ed1189c39b1b44b1667bb273e97dd394a90c5eb","sha256":"0a8b2646bda8538ec825ca5dba7c9658f6a6aab27699e430aedcaea4822c1979","sha512":"e4d95f6d3042d96bbc41d0c532d785a93d3b3b64094deb4523bcc506c8332ef42ad3bd9e3981a9663d018a9055e106a47370d645b2eaf0899d57cbfdfc1b3a47","ssdeep":"","tlshash":"7e11124a7b64197d101915ecc014e920420556693bd80fe2f1be56be3b7afcd7c23b17","first_seen":"2025-10-03T19:54:09.752775Z","last_seen":"2025-10-06T07:31:07.123786Z","times_seen":49,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d8dfcb4fb-DtiKwHav.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/d8dfcb4fb-DtiKwHav.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-474\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1140,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1139)","md5":"18f18b0a3912c75e68d857b1ea7355aa","sha1":"01fe0d375310ed977adb96971bcdbde64bc76eb7","sha256":"19b4630e6767d69ee5555ba1bef9b27694b252d2283d8d3a03ac2a8dca7d2478","sha512":"428259036742bc7c8af20e3b525af247ebd924d1d987d54b62da26979868d7df17791c5c9fa19633062a59688fe84c436531d384b043d42f1510930f964ad78c","ssdeep":"","tlshash":"54210388a1e003ad494f11bee27d604a78450233dfdddb51d5fc663d1beb0999901f85","first_seen":"2025-10-03T19:54:09.849732Z","last_seen":"2025-10-06T07:31:07.122643Z","times_seen":31,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p5ac86ee6b-CS29teTx.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/p5ac86ee6b-CS29teTx.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3834\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-efa\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3834,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ddc379023c0cb5feafe0420f410727fa","sha1":"39f7090fcf1b15042f427a80d1a26dc570d89da2","sha256":"81e197c469516968d7d7872e4a113179dcbc9ecea6b5a689c491369666d7f766","sha512":"e3b8d75a0894a93184ad1e91ce5f37273f4696d068a481ab2a4e7c673f12ef090681007d68be53be87e54b81853407a1096abc1401d95d0ab0612ae235704d07","ssdeep":"","tlshash":"f6816d73eb92e43cb12d204100cb387155f69414726f94f91e66f0280fd4f7978626f9","first_seen":"2025-06-27T08:10:52.488618Z","last_seen":"2026-04-06T16:14:35.268087Z","times_seen":167,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:02.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 834\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=7hnry42dk0iq5ek3wvdtazmcne1gtw0j; syncedCookie=true; oaidts=1759724461\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: e75434badd1e36557b20c695b8439aa8\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Wed, 08 Oct 2025 04:21:02 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-09T08:01:35.724157Z","times_seen":117441,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g10b308-nxcM97u7.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/g10b308-nxcM97u7.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-20b6\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8374,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7845)","md5":"0901bbd2ad792c8ff544014b5d642200","sha1":"3923c623edb7c37a7f50fb294478370a2504b8b1","sha256":"7fb59cfd7cbde6da313c9236c9ee2da89ad6be891793e63df77d7b7b22329ecf","sha512":"521c2f52f2bb24bd554b3ea13247da5a9c28a18515cbff2157de39468c032401b1faab8297bcd4ba0385b33e3fc028c6353eb3dd484ae44d23e8721649264463","ssdeep":"192:EevXII5n5VdX5engMPzsPrFgIOkt/OtRiLE8i5RWbis4M1uH0Wi:EevXII5n5VdX5engMPzsPrFgLkt/60AA","tlshash":"8e02f79860d92e7cc1db4ceda9108459e23f0a69b94ec5d1d3ad6c7c419194422bbf8f","first_seen":"2025-10-03T19:54:09.750716Z","last_seen":"2025-10-06T07:31:07.126679Z","times_seen":49,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/h97254b1c-DuuI0eLv.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/h97254b1c-DuuI0eLv.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-e3ba\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58298,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (58298), with no line terminators","md5":"1019a609db5bb944b0dad6d282b21723","sha1":"7a269106ace6a2456a30176a6125f494f6491e63","sha256":"34f9d6aa8c30b576df04452a49d4872762ecefe2eb99a3b69723e61235f38722","sha512":"1fa644283e24645899ba097c7b1a396f5704eee9ff92b31601c0347ad84dd45ce707008c14fd21e38c000d2d88d481807a77ca80bec60c5334114574255e3a8e","ssdeep":"768:dkVs2ySwKPusCqhN5yWvTghMhq5InZGglOhXRaAATx+Ew70QfIUd6krYebRlNA0k:SVFvwKLQhbATx+EE9dAykafPwh5t","tlshash":"bd434f9ed2129fe988b31798b95c2a11b22d0d0ded4981b0ecdf0f161b6dc87217b79d","first_seen":"2025-10-03T19:54:09.785256Z","last_seen":"2025-10-06T07:31:07.109312Z","times_seen":49,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/h53a8aaa4-B6Ab70wb.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/h53a8aaa4-B6Ab70wb.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 492\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-1ec\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":492,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19a648d7f4abdf58b681f4c290afb76b","sha1":"0bc732bf13be96c7ed11b60f83a7b0ad7ba1d972","sha256":"854ccfd95646ea558658b455501a0e94e134e8c3ece9be385ac1cff401e2eb3d","sha512":"1e3d9d9c2a14591d08e01408fcabd92e5099d58fc8bd3f0534b38382b27a9726e35670a0d286069bcfb35ae0512192820fd773ec344f6754e263b5487f71180d","ssdeep":"","tlshash":"72f00e75d2086a80dbd48c7ca9d88328b5b4b34c21d854bd04bbe4a888023e83cf5ce8","first_seen":"2025-06-27T08:10:52.462074Z","last_seen":"2026-04-06T16:14:35.279081Z","times_seen":162,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b9054325-BqOGr42I.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/b9054325-BqOGr42I.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2042\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-7fa\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2042,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"adcabd6f278889f1e1c73a77d6fa6e08","sha1":"c414b093e48114f84e6c038a577857f110a30031","sha256":"3925b87d2aec26251d1e56893cd43f5fb8e5cfd30c07b90ce6a2746d60d7bb6c","sha512":"ee7f60e6bffcbd010888db6a665a26dedb28299dfb3cdbf66ccba3261e9dafd1c7d1a10f682c1f332b26b9282b3932231cc7e1f606b436020d65255f8d6061a2","ssdeep":"","tlshash":"2b411a1a5129544afa3d4b4d1b36e4e1559b0008ff079d69f4c6080de69f805df49fdc","first_seen":"2025-06-27T08:10:52.427087Z","last_seen":"2026-04-06T16:14:35.282065Z","times_seen":166,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 477\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.ak2yy.com/clicker/1866/en.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: c6cfa951223d0ad23a9e50aa676cd300\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-09T08:01:35.724157Z","times_seen":117441,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a57908e-BTUEIGJg.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/a57908e-BTUEIGJg.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-1b32\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6962,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6039)","md5":"c4fff0cc5ae289b0b99ca665e2ec1d78","sha1":"ef0b8a05c7658bea3253285705158e8d0de19153","sha256":"c6961c6bc30d6ddfa36a4a03d1abfd87f5edc94a1ffe48daf5405332dac8e819","sha512":"7d006cc18973757f86c96947d082c6d703623f3296066c53418e0532dffadd7909a88948da77df693bba5e0b1e887cde8ea3aa8265b520c073039449fb38ce5c","ssdeep":"192:GXe5In7VIdX5tVIA2IWTeYhveJxzlgngnkYIKCwHnHo9DpNC0lc:GXe5In7VIdX5bIA2pTeYhveJxzGEtIDW","tlshash":"f4e1e7dad4bc1b7aa7451ceef851112bc7212386219de9f0d44e8f7c2790b076039f99","first_seen":"2025-10-05T06:29:29.132527Z","last_seen":"2025-10-06T06:19:23.542923Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w9b438a4-CgZyzUqr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/w9b438a4-CgZyzUqr.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-14e0\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5344,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5344), with no line terminators","md5":"bd5efc8f85c6b8a41e0339d299167fe8","sha1":"65a108bfa2a71a2e87e0b9437306815b825c3b30","sha256":"cef84d17dfab6057751ebb114e31e871f708dc7a25e0c401662a584f1e918e3a","sha512":"a5397c30e312d823cc388efa2903abda4198b6bdb40283a5433e0273a795c66fae7d3a65eb210427e5138c674d9f4b54fb9975df760b601426710ad42a771dd1","ssdeep":"96:h0RRatOb/QIlnLp7hffez9YTGDQjzHQjPki8QjIIVzxJz6M9NzMmgUV+sszbCT9H:WRXDPnPfez9YaYg8FIVz/6M9FMmgUV+G","tlshash":"83b1a4c5d0a9dafd0dff6bde24a0c16273504e073c8ad934f2654c2a27b9c06a1ab747","first_seen":"2025-10-03T19:54:09.722104Z","last_seen":"2025-10-06T07:31:07.127235Z","times_seen":49,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g7004738-RvWgQyis.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/g7004738-RvWgQyis.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-15d2\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5586,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5585)","md5":"8afe514cc54e977f97e7525a5d5aaef4","sha1":"9220f7c58014732af976ac87facad94dbefc7dbb","sha256":"dcf182b8d4d0fede6a8bf5066fcaaf0349b0a57cdf24a80d8bba999fe41a68c5","sha512":"862790ff35d6d7ddfddb9a61ceb8fc5bbc11cbd0083d628a942e7296885e52fa600e24948f984106a6d9c04e491ce101d02c89e99b55d5464c1ff8d6895cba00","ssdeep":"48:54ighIUhvH++y/MU5NA4ZY6mYgAa0jRK3sNrNFLgtlzTVQyguQYKfSGF2J/s0Vgb:5Lga8Fy/L5TZLB/ONckOXCmnLSqSjCkO","tlshash":"f8b197bad254772ca13752dff2888a4cc9242941e367cb2ae3fe5b39035115912b9af1","first_seen":"2025-10-05T06:29:29.134472Z","last_seen":"2025-10-06T06:19:23.570441Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?userId=7hnry42dk0iq5ek3wvdtazmcne1gtw0j","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js?userId=7hnry42dk0iq5ek3wvdtazmcne1gtw0j HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://cdn.ak2yy.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=7hnry42dk0iq5ek3wvdtazmcne1gtw0j; expires=Tue, 06 Oct 2026 04:21:01 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 98a25e9e3c670731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0e26f1d507b173eda922fd4ce729bff4","sha1":"57d27545bd86d089ef10ea668157214f06472595","sha256":"40648b796b81a5d8e54632a5d109dfb02356127e9df93c5c3756a00f5bb2e0a7","sha512":"25957ff3f45232a6423e80bbbda0d0ae0990618e628a5fa002aa2b0cb31f9888a1e34008f5489ff8cde2f1bd9ff5dba89c22aec616c3f83e85b93aed8fd27de2","ssdeep":"","tlshash":"fca0024098a806d494778a165b4ad622560021617e599b5841dfc0053b8614d4c69bb7","first_seen":"2025-10-06T04:21:26.467334Z","last_seen":"2025-10-06T04:21:26.467334Z","times_seen":1,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":43,"dns":4,"connect":2,"send":0,"wait":34,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:02.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 899\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=7hnry42dk0iq5ek3wvdtazmcne1gtw0j; syncedCookie=true; oaidts=1759724461\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 92b004ee344a828a31af940dcb4b4a9c\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Wed, 08 Oct 2025 04:21:02 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-09T08:01:35.724157Z","times_seen":117441,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k06e0389b-BD3VBnuq.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:02.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/k06e0389b-BD3VBnuq.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=7hnry42dk0iq5ek3wvdtazmcne1gtw0j; syncedCookie=true; oaidts=1759724461\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-2da\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:02 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":730,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (730), with no line terminators","md5":"f45a53fdc407595bf9460eecdb602310","sha1":"f23524f01cf0c7392c0d2d4eb064c02d35201bc4","sha256":"f8b00678741df33fee8cbc8273a40ff0cff02e9891142842d4c8a711238ead9d","sha512":"aaa671f19051236f5d25782d49e7ee43e7fe3f243864549436695819d5d809fec25dd4c6be00151907fa932ee1edf6dd878958571bf63dbd5e5c8fdccb59fe2d","ssdeep":"","tlshash":"7a01cb89dab0b269407f39bcc519604a66761137cbcf8f62f2fd57342759ac6f904213","first_seen":"2025-10-05T06:29:29.143814Z","last_seen":"2025-10-06T06:19:23.581056Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/cdb4ef-CUrrH_ib.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/cdb4ef-CUrrH_ib.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-10822\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67618,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c15f6b1428cc1731d96e055589ee9f49","sha1":"595808876158eb2c875296ae8e0ec10afc82d7cb","sha256":"ddd608ac18ac88b094db3d36c649e67ae53d51ddbf063ea0c43fcfa3cf230fff","sha512":"5e02d970e8afd6e905c1027b74b409cc706e8dbe7a8cfee0b1dc833810f15564642e21327fc56da7e368e8240fcf6c39eb12d88fa6201c0167267066874c2c8f","ssdeep":"768:raQWB93EFyzwaz4+BlYXed2vhfZk8eA02rtWPUfh0UpkEugFn1cL9g7AM8wC+KbQ:2QWqyMaz4+rvO01gpkgFnKL9D+//","tlshash":"476328a47456b03d47eb70b6903f1a0af37a000691ae475ce712caf52ba4d1d622ff5d","first_seen":"2025-10-03T19:54:09.80147Z","last_seen":"2025-10-06T07:31:07.118747Z","times_seen":49,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c7fc01d5-uKiSnrbr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/c7fc01d5-uKiSnrbr.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-1a5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (421), with no line terminators","md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 545\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 1f8d99c724dc4d2c6f57350da58804e6\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-09T08:01:35.724157Z","times_seen":117441,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ea91ac81-BGMreeeV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/ea91ac81-BGMreeeV.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-46f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1135,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1135), with no line terminators","md5":"8506d4e19453aedbf3c1fc04342b89c9","sha1":"0e2bb5bdcf7088e8614858622e74e932b0c2fa2c","sha256":"184cd18e2112ed9660cd49257113c5aad97d659890668992cdc1635e21f374a1","sha512":"aea362c50d524712756f68f2889fc20a454c6d90196b625c6970314765b332c69bbca873363ba29779f6bcf904bb42f976a317349f70b3a85158398d0bd1b97e","ssdeep":"","tlshash":"a02100d1b6486b0ea53e3fddf0cb184036301123ce8d5683d2174722634fd49427dba6","first_seen":"2025-06-24T19:07:51.391409Z","last_seen":"2026-02-23T22:20:45.176058Z","times_seen":2159,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e4f65f37-DvnaLLLN.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/e4f65f37-DvnaLLLN.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-a98\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2712,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2711)","md5":"cd0bdfb3226db8ea2be445cdc736170b","sha1":"28354796eb2bc0f00c8acd31c79bfe7ebc1a5385","sha256":"46435d64c90888b89b25d81709038182b322d806f1f5cb77905075dfe515be95","sha512":"91ac137d79e0a0dad84dfdee028e2bfd2ffaa131e810cfb645c6c5cc2a2cec1dccb98a4be3decd8b9b30947e0b4d12f6fa8dbb0d98e22a94ea42f5340211f1ef","ssdeep":"","tlshash":"1151b5be44d8a83a0a0c35dfd53681663d1828437c1dc9e1a57d8d2e23eb084e13de37","first_seen":"2025-10-03T19:54:09.728268Z","last_seen":"2025-10-06T07:31:07.11824Z","times_seen":49,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ef4fce54-D-jw83Ej.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/ef4fce54-D-jw83Ej.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4376\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-1118\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4376,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"723098a77205f699c6e69930cc937787","sha1":"d21ffa2c7e6da5aee8025711dbeda0a3b298737e","sha256":"842369097548ed376faf3b24f0c836c4c379a27b7e89e834d910c536406111a8","sha512":"0af41cfd773a6176742709beaef74d5324e5be8bb9e31d6942e227d174d1b91bfa338bae0fb372694269c524b3979479cd007f49211ab338ee69892ddbee0cf5","ssdeep":"96:70z6dw/UdwrnUcPGWMjMxvE8eUqbhoi/7G+Smhy25qJoKBaFL:wz6ndwbUce/MqAqbhl/7GPmQJ/BA","tlshash":"60916db3db50d7d9c552d2fa3a7a2758cf851c120409ca9e521ea39701c8ac6dc751f7","first_seen":"2025-06-27T08:10:52.486889Z","last_seen":"2026-04-06T16:14:35.264794Z","times_seen":146,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f43d183b-fFmEkK2x.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/f43d183b-fFmEkK2x.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9756\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-261c\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9756,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"06e59ab12ec568f5eb68471cf43dc860","sha1":"7eece612f12644f5bdc0215b35770f4f0141eb29","sha256":"a86f2968e7313adaee508244987709f937c512f7b25322f4bd4d8f2e231a6150","sha512":"29de94ce85390031cbe2978b406d0582ef46153fea5138e4bf3e99e2fc1a63082da5fe6f7504d2b21e46aeb7ab7ee01302ed5474e2f2ab0c97a31784ff12e99f","ssdeep":"192:7zrXoONKS80ZzKZMWjjegJpungh20//DLf84WCL4p/13BjA/8qefc1Ao4uvkIfNT:7zboGKoZXWjj7pggX04WC47BjMAojvfp","tlshash":"8912b0d1770e2a44c86e05f9d2b8fd063fade7289a7aca3392401d0517424ed77be166","first_seen":"2025-06-27T08:10:52.45317Z","last_seen":"2026-04-08T18:34:17.488687Z","times_seen":181,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g99ae0db1-PAktByuT.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/g99ae0db1-PAktByuT.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-291\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":657,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (656)","md5":"640833f0d9ca87cc87df0b69285249f5","sha1":"e4a73e725f43e962fb31b6708401f68f9c805307","sha256":"02dcf133cdd74bb98dfc4ea5e3f1eb4c436bc105a190815f799022bf9e340b9b","sha512":"cdfec64705766497ed18bb5b1e43d799f2abac6bc14cfc4857cfdfeec854fe3127a8b0fd8e72417b998daa07003ed870cabf20d023d0ee7844559d13c6212703","ssdeep":"","tlshash":"db01dd8e49f86594c01621afc26a6252b2554127128c8ba6e23c0e390775abfba15f83","first_seen":"2025-10-03T19:54:09.820394Z","last_seen":"2025-10-06T07:31:07.130473Z","times_seen":49,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j5765a6de-BcLuyUIx.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/j5765a6de-BcLuyUIx.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:11 GMT\r\netag: W/\"68dfe4bf-87d\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2173,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2171)","md5":"f31ad58f9752451edc6ba0932b3676a0","sha1":"3d3b008452d9e95d0aa59eefaff63e93d8411771","sha256":"d77bbd1203628fc23938dbece301e5233400dab806de6fa2639764f2cf21b5af","sha512":"138f979e299a833a869b92e95a2f8c91c9c865bdafcaf2d69385e73f2f8ac93fb1c981f3959a3757783355ba8995a055acb132a82d5fb30588ff0bb87cf483f0","ssdeep":"","tlshash":"d54197a972751b7cf00e459ef62d828ff0167786da4eca50f0bc4c1a175d890b746f81","first_seen":"2025-10-03T19:54:09.755966Z","last_seen":"2025-10-06T07:31:07.111293Z","times_seen":28,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l4e7e87b1-BWZcWMgN.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/l4e7e87b1-BWZcWMgN.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3728\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: \"68dfe4bd-e90\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3728,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"000edce619dcd99ee2b230b45e19ff7d","sha1":"ac13acde0ad2333e607f1cce243569c55fcc0c50","sha256":"94f90889175e6dd56ec756890e548f671d23e6e1cfdb3596f4e4ac6845ba8952","sha512":"1b5731be81f50876cd92cd29a56de03e2d957e3694dd3841e498db69c2070c4348972753fe208737356e9b5813f1c9dd5f9548470b8a802144ac654df5e517f1","ssdeep":"","tlshash":"b0713cd4531b77dac0800570248c0325ed86fd614eeb661a5d66d275ace87e08bbd4ce","first_seen":"2025-06-27T08:10:52.449834Z","last_seen":"2026-04-06T16:14:35.264042Z","times_seen":146,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w0841e6fc-CrgqgaXS.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/w0841e6fc-CrgqgaXS.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-101b\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4123,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4122)","md5":"379476baeb012a0843b82ed44fd99440","sha1":"73cc31ed4465aca9b9de68e4dda2327c993eb9cb","sha256":"45bbb84b7ca804ecc4a941dc7b8783432c240773de6d2da9fc2ea8601433cf89","sha512":"59a5c94d743fc251e7c9d36d18fa0f23b518f68f4f92e98d7081134d2b273807d14cab9af9e2d6cdcc9f5950677475f0bfd0bb028f7b05947492387ab1baec23","ssdeep":"96:YPEPNl4EJq3f65xSK7Vbf1BBp4ViIEtWvY0DIZTM/UshBrBBaGmb:YGqqPSK7VhBYiIE0w08ZTqUAtBaGmb","tlshash":"7581e8dda074117d69aa86d9c032e632732626d63088e2d0f05e0f3547bdd4ba2def47","first_seen":"2025-10-03T19:54:09.748106Z","last_seen":"2025-10-06T07:31:07.127786Z","times_seen":45,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dfd99552-n0HasRg3.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/dfd99552-n0HasRg3.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-66e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1646,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1646), with no line terminators","md5":"c15483655546c31e5f7487d816754022","sha1":"499ed0b736e2017a9b7e4fb50fc471aac3ac87d6","sha256":"e2a5d9ac544085f3b30e065657ce1d1c23ef11111f51c9614f9cef638c6d4281","sha512":"9b59ef0bd77346c51e1b638bcada784555b8588c1fcc0f8d8ad16ddd2056b12d0599d783bc505b2b4ed1e8a9526e1ebbac75323f0c6c85b2f36fe184816936eb","ssdeep":"","tlshash":"f731968ce950969c443529bdc36d14656f04377f53dbcb00e1b8383f12592c8b613f52","first_seen":"2025-10-03T20:26:44.051415Z","last_seen":"2025-10-06T06:19:23.547767Z","times_seen":35,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/x42f706d-DvgxrRXx.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/x42f706d-DvgxrRXx.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2730\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-aaa\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2730,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9072035533b0e9e227588e5d057b1322","sha1":"b639941db505cae0fec40e68cccb9bc6823b8061","sha256":"305059da5bb975904c33e83bd51072df78e2a4839d93c5f92d0b82f527537be8","sha512":"a8aa77e6d304a8a5811ba5e7fe201c7cf38b6be9f402d9d1d10e2374e3f59c9666d681f03d4ba367e7ce4144307ac9dc9e52d60c99bb347fc39093f7ac7b64e4","ssdeep":"","tlshash":"6b512b0cc72e4b86c65036f89998530a7e06ff11599ad4d767834609af88bf17bde1c0","first_seen":"2025-06-27T08:10:52.476875Z","last_seen":"2026-04-06T16:14:35.288423Z","times_seen":146,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/favicon-96x96.png","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /favicon-96x96.png HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-09T07:56:36.778124Z","times_seen":16341,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/q5ee44c6-CxFn1JMn.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/q5ee44c6-CxFn1JMn.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-e75\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3701,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3701), with no line terminators","md5":"bfdb2e62e4d6638abae7a204b588168b","sha1":"5664d069b35db2a41300dad1926a7b91fe6a1c22","sha256":"6895af9d8691376837b02b73357fedcdcbc382617f05149bc8dafbc6a90692d7","sha512":"8ef432c7237016205f18cc531b0284dbd18c6123fd80794c28cf4607412d21398d5f37ff535f0506c9133efc925904ce545f0f09abc940caf991cf875baeb23f","ssdeep":"","tlshash":"8a71d8cdc8e5c534519f35de1028216076be4e1b742c8388907d0f3d8f5db4ae485b5b","first_seen":"2025-10-03T19:54:09.744607Z","last_seen":"2025-10-06T07:31:07.131048Z","times_seen":49,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b5ad3ba43-FnbX8Xec.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/b5ad3ba43-FnbX8Xec.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-54a\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1354,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1354), with no line terminators","md5":"418a2a319f05a9384aeb32aaf00801e1","sha1":"7c7ebee4d25be97f1955d74a1f2038f3f83f5968","sha256":"98ded6f2103faf355cb72eae65efc6a9b39457cfcda69c289f05264f9dd131c6","sha512":"2248ad019f45a7b8ec8e232f8d572be350fda0b589467db9a2f11802e10275d688117eac16f06322cd31a572f662c499c27a49e950204a8be717a4104df5aadc","ssdeep":"","tlshash":"af211181b6b2a4b907ba169ce0263305f4148d6616cdc7d0a2aa02362e94e9f9c3161b","first_seen":"2025-10-03T19:54:09.827618Z","last_seen":"2025-10-06T07:31:07.113181Z","times_seen":49,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j475f52-CqGMK-F-.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/j475f52-CqGMK-F-.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-946\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2374,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2235)","md5":"fc0dc32553824bd37d64e968c445a50b","sha1":"c08bce23fcc848f23839a0d11febe3b92529f41a","sha256":"923a2bedae140e661971969ca8efb8d7a55d2048804c13d683e47f5166856c3c","sha512":"ba74226eb4d86eba3df3286eaa4fafa170d8c42a8be3900fb84640c93cfd828fcefc6cc3a60d9f4d4ac9cb96f3ad35daa5b9126cf8816e5fe2eff1816d12d659","ssdeep":"","tlshash":"5741449bd078027265119decc863a566b3ba601322dcf7f1e0ee4bf123a5226a218747","first_seen":"2025-10-05T06:29:29.135704Z","last_seen":"2025-10-06T06:19:23.552478Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/favicon.svg","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-09T07:56:36.778124Z","times_seen":16341,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 598\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: a797103eae26d41dfd9d6ab067f41ea7\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-09T08:01:35.724157Z","times_seen":117441,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/df2b021c5-eEqanLUm.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/df2b021c5-eEqanLUm.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1852\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-73c\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1852,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c6211162e103961458f3c19bcc9a2571","sha1":"d2722f202b70ef0ef50177be3698e8876c17f176","sha256":"2f16c95955b132c9f8c6495fb5e4b7fb6988789240ddf779e022fe4458830b63","sha512":"95f94240c16e78753782d17532f8058b335d478f25867d98f55d02502edd5bc323de431c743345030528ba4b1c324c0771747f173460659dff7050bb9d1acdf7","ssdeep":"","tlshash":"153119d90db897558b28861230978d4a679900ecac81ff07288cd65b2709d9f012fa8b","first_seen":"2025-06-27T08:10:52.442966Z","last_seen":"2026-04-06T16:14:35.296912Z","times_seen":166,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e65e6f6f-BxdoAFT-.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/e65e6f6f-BxdoAFT-.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4758\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-1296\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4758,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"08db7606196f1ea6e9094ed79474b722","sha1":"65f10b0caf84ab57ddd008a98b43bea098b76dac","sha256":"64f3f8f5b6c764bdfc7d862ef4427c356a425f838911716ec1ca2dd459f6e934","sha512":"c63d790dc210db105d7ef7d0b8391e8670022f599627ab8c49495e55fcc1c052bcf5a96c4399797fefccedab6885c4487cac45cad06ec8b8101bb85de17a598b","ssdeep":"96:60zruaEmQxYIQP8lqul01fG8uUKdLpdy3ur6Ua9fb:nzruRmQxfzl01Datvu06UaJb","tlshash":"08a15eff1f50c743dcc16679e654974ec6297974179092dbe7025223ce181903eae3ad","first_seen":"2025-06-27T08:10:52.471449Z","last_seen":"2026-04-06T16:14:35.251427Z","times_seen":146,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=7411db56-9290-4c69-bd7a-1a8dc07ac8ad","fqdn":"datatechonert.com","domain":"datatechonert.com","tld":"com"},"ip":{"addr":"185.49.145.45","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"datatechonert.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Dec 2024 00:00:00 GMT","end":"Tue, 23 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"ED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72","sha256":"A3:45:F2:05:D1:B6:89:92:B3:05:C2:75:20:48:5F:3C:AA:EB:B3:A9:32:5E:CF:38:C4:37:CD:C0:B9:57:CA:E8"}}},"request":{"raw":"POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=7411db56-9290-4c69-bd7a-1a8dc07ac8ad HTTP/1.1\r\nHost: datatechonert.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1345\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Mon, 06 Oct 2025 04:21:02 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://cdn.ak2yy.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adb4650bfc9d2a73d4dd69583b0ceb14","sha1":"1ce399d6e936232aaf2192cd7903a279c5015f22","sha256":"21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed","sha512":"3fbce22572bbed1aada0f7c6706f16a97e7c0ea132dfee1a7eb80f5e68da1cc63c891a5bc3ea8e87f0c97be3002212a0efbb2af9553acb45e0d447a685cd805b","ssdeep":"","tlshash":"436000000c3000000cc00c0000c00030ff300f00000f00c0000c00f003030c0c00c000","first_seen":"2023-04-05T07:30:31Z","last_seen":"2026-04-09T07:37:58.566765Z","times_seen":56086,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":124,"dns":20,"connect":20,"send":0,"wait":20,"receive":0,"ssl":84},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/v82c158-B138qOTr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/v82c158-B138qOTr.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-208\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":520,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (519)","md5":"46346e4945372b182d1d6a15f6600bf1","sha1":"5c9ebda18ddfbddce34215c319311765d87fc50e","sha256":"c79ed1f0dc50a6471e962d8b34a48e83efd9f14fdfbd9fa7dcbccd221599cdd8","sha512":"1599daee32ac99bc9c686c133f3acb19ff62b6a5102289a68233ca6907c747780d097693e014b0677c91f8a3bb526260ea190b3e9e10dfade250cd827433281f","ssdeep":"","tlshash":"3bf09e8e59f0626a8046237fd16f9d45309502235acd4f55a27c5b7c1376a9eb901b83","first_seen":"2025-10-03T19:54:09.775914Z","last_seen":"2025-10-06T07:31:07.129963Z","times_seen":49,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e8dd6bea-BrnrHWC0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/e8dd6bea-BrnrHWC0.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-2eb\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":747,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (746)","md5":"4188f4de6a1e7e7f17ab8bb39aced471","sha1":"d76868a2c259d4b465177cda72633c30710e6ad4","sha256":"9580f3426a4d266e7634cc508bc0192ecc4791c6287e125247f8c34c6d3db53b","sha512":"43506fe670698c289bb0d8ce050c15e011465f6bfe904ebc12d1148cfe6fc7117614f910f52b41522079cfdefb294e2668bf2aeea9a5b7bf606778429ba86306","ssdeep":"","tlshash":"7401b8ebc5f0a768940f22ddd5291023379252474bcd8f81b0bc0a3a17a368a990eb13","first_seen":"2025-10-03T19:54:09.724009Z","last_seen":"2025-10-06T07:31:07.128856Z","times_seen":49,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c44283-CDAc77N-.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/c44283-CDAc77N-.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-c5c\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3164,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3026)","md5":"a489417a5df60305e406aea2e7b34fa5","sha1":"e89addf03b2651fc2c1ea5d1b518da107ba2762e","sha256":"be06445588ce2a5edef5d63f4f8e367fe0d40930b4dfc76db8ebd3d033fad48b","sha512":"6674d1920de34e0b5cd53974b799f135624ebaf7a4a08f716b0d4a02172a161659792f585b63ee7c0b764828446684f82f7501c5e7c66550d1fa34f3300feb8f","ssdeep":"","tlshash":"2651940e426c14b950dc8aebad37090dbfba6017698c3ca9fc274cdc034ed9d825a97d","first_seen":"2025-10-03T19:54:09.856034Z","last_seen":"2025-10-06T07:31:07.121526Z","times_seen":47,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n7266b7-D0RBAWxK.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/n7266b7-D0RBAWxK.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-1b1d\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6941,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6138)","md5":"4244bc1a202894b3871921bdc5db6456","sha1":"48d11b7480cd732f36a188126ec7636d1bb1625f","sha256":"81d2cb498daa52877bc3ba841e0d93425f85a970592676c9899822cab0d43b8f","sha512":"3b4fa589f6c1973a5f130427f72568cb6f20fe260f75f95f89aa82fd24105f1df4dc09a520aff6ecc3faed52fd78f44eed8504e2365b4d7543bda15ab5fc5202","ssdeep":"192:A5eXAPn7VIdX5tVIA2IWTelg8QumFVvUfyNdK0jZtDiF/0LDDazOY93cvuJBEZ:A5eXAPn7VIdX5bIA2pTeG8QuIvUfyL9v","tlshash":"e4e1e889d1ac0a76d212a8e8d980951fd27b3782728dcbd0e18f4df923c875591b6acd","first_seen":"2025-10-05T06:29:29.154198Z","last_seen":"2025-10-06T06:19:23.545254Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f3f792edc-Dc6duK_H.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/f3f792edc-Dc6duK_H.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2310\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-906\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2310,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"18defa13b34a0881580755d0ac8e64b5","sha1":"2d0bc8f49571c9b60dcdcae501b41a5e03110b08","sha256":"2a9803be8440b659af54d734ac34aca97072849e6e1e804cd1647db2e0240311","sha512":"a7f1e94815a42f621a7ac2fe5d986e044650986d64be9b9695133a3a9b0a89e536fcf6d031f30c11eb1f7298ae08393df0d2b48b52e4162f9c927be4149af572","ssdeep":"","tlshash":"fd411a1943550bd2d0f506f82cd00f09dd57bf676796779e900142464fe05d3e89e2ce","first_seen":"2025-06-27T08:10:52.446182Z","last_seen":"2026-04-06T16:14:35.302156Z","times_seen":146,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/r1ca7ee8-ElEfeo3d.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/r1ca7ee8-ElEfeo3d.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-7fe\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2046,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2045)","md5":"71144f8ac0ce34b4dee38cfab20de3c0","sha1":"2896fceecc1a75b41a1fab73bd6264ca0dc5ed6f","sha256":"c892b7c98c9b7ea953a33eae4cc1e04ab46c62f9ec49f2b68a9ec43d9c607172","sha512":"7bc68a80e1e40afe26422a2695d31aa1294f23d199ab66591bcc45ac86b592daff243502915692da2aca1ba4b2a8b201f1714748331c294b7628dd9d3b424b9d","ssdeep":"","tlshash":"5141969c84f8687880b95edcd276f633710e9933385d8ad5a06e0a36277ed825198b32","first_seen":"2025-10-03T19:54:09.724926Z","last_seen":"2025-10-06T07:31:07.12436Z","times_seen":49,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g1fe175b5c-CapbLVyi.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/g1fe175b5c-CapbLVyi.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-980\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2432,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2431)","md5":"6c991d65acc7e7738b0a3e911b400415","sha1":"7f860f9fd875ed603eefa67da03f17578237f554","sha256":"5a21babb35f1471d2f2a241bd5e89d098fddba2f8436a997f0b4e3b7c24b1b27","sha512":"ea70aa2f59db9a5c2ac11afbef2a64731aa93501e5ccdf976c1b971bf9707ef3a5769a81163b9ceaf20c5c777843700697710de848ac568e587531979c9eee98","ssdeep":"","tlshash":"d5414e57d264a360b9659cf8c669b12171372347c7cacab0f0ee86741b6812ae31ca42","first_seen":"2025-10-05T06:29:29.138825Z","last_seen":"2025-10-06T06:19:23.577988Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f7a580f0-BYhIXBak.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/f7a580f0-BYhIXBak.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-41a\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1050,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1049)","md5":"9ed4fbc70cbdd8df6bf37eb280577118","sha1":"f582be984db2b16c97f6206e15774898ecd7bea3","sha256":"f0f24e73a09f7bda664c32eecec2c25e5a0f05f19da2d1d2f9e8241fbb756604","sha512":"5e35afdfe8d0a57d718eee1064c2e8dea68da4b747669286703804de2eb6da9ae6f8775d86fa83d1760738f7a8ffe7d33ab069b3639dfd7d8095a701783181ae","ssdeep":"","tlshash":"6a11ba8be6b4621061659efdd525e17822bb012b47cdcb32e1ef07790b211bde000e93","first_seen":"2025-10-05T06:29:29.148336Z","last_seen":"2025-10-06T06:19:23.575022Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bff796c0-DIy-wx5s.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/bff796c0-DIy-wx5s.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-6d6\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1750,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1749)","md5":"7d70e2d4231b892a54573944d05f1e40","sha1":"6f3f27356f4dc0c3789e5215b237527508bba670","sha256":"d228c6f910e6554517adeadf31010c6c815478c4fbb4f73c436ba240dc150fa5","sha512":"cdfab1fe3fde7cef1383447d24e2d5840e5954c7a6cae56ffca4e559ce3ae43c461dbcefe61bf60c9b1c3f4b907bcf77f3b0640f13b8f23e3bd7f0d4bccd9035","ssdeep":"","tlshash":"ad3143ce26f02571855d14dcf63b71c5b07a1062718e8590c03d4e763eaa9cbc3b2a8f","first_seen":"2025-10-03T19:54:09.847218Z","last_seen":"2025-10-06T07:31:07.12103Z","times_seen":47,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a6ace403-BtCsbJwl.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/a6ace403-BtCsbJwl.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-1d3\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":467,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (467), with no line terminators","md5":"6adc113a57d9a072b943c08c0e6ba367","sha1":"feef0fe40524fe106466fa1a62d2e057933d400e","sha256":"42b39b9abec5ce4bf97ff4dea03d8f5c610abc9d92e26afe346700d560961518","sha512":"9ea93b2d76adb80b9a1f67dc35ab3208994d2275e4b85a2b07fa5ad6b6409b3c8a9ebef9a3b5b1d02d82b778c49b37ef7432f9292225bf9d6de7783af8a0aff5","ssdeep":"","tlshash":"2ef0278687f05b98820b328dc5a528467588017752cc8f62f1bc1b796bab9eaf421757","first_seen":"2025-10-03T19:54:09.852613Z","last_seen":"2025-10-06T07:31:07.123234Z","times_seen":49,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f45857d57-0EDmBYJf.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/f45857d57-0EDmBYJf.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-77f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1919,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1919), with no line terminators","md5":"b160d9d8a7bec51a9a2e3977ade40cff","sha1":"3b913f1882a9efad26f5dbd4e607bcf09e963f2c","sha256":"51fe7eac778533573a29e220defab656a92e3afc2617929341ec952c5fc280c8","sha512":"521b455b00ba71a41a0104fe9d65d0cd0424f9c2889220ae332986dc526546bd0ccfd0d7c7e862fedc80e17fbd59dac96ee4b4fe3e674a9f51af3fc3e11c35d2","ssdeep":"","tlshash":"ff413057e46482a1582acdfcc075d425a57b2397d3c9cbb1e0de4a350b68239f206bc2","first_seen":"2025-10-05T06:29:29.137783Z","last_seen":"2025-10-06T06:19:23.56638Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f6994b72-ZDiYypmw.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/f6994b72-ZDiYypmw.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-2b8\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":696,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (695)","md5":"326b25ebb739e13ee6a5102126923d9d","sha1":"8e3c39932f3a7075048e62636e317cedc5b664aa","sha256":"5713f852623cd387867dea077c120ddbe0fdd1762bd2ff0992952e8d8ad32f31","sha512":"02f964a5d77184922e101775f2e8fad9635a464acfde10114bd8c2bc48f43f6ac1880fc886cc81a04daee80cb7df79df9a0c6971b903f0210c65029db491c292","ssdeep":"","tlshash":"f501fee647fca7688814136dc4062101a61590b322fe8f90b17c0b2e23eedbaa619647","first_seen":"2025-10-04T01:04:38.812053Z","last_seen":"2025-10-06T06:19:23.567397Z","times_seen":16,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y2afc38-1XkjtMWx.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/y2afc38-1XkjtMWx.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4110\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-100e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4110,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e170e09175ec23f8f6924a322b61bad6","sha1":"2245f929014663286798d40203458612e2e2edc0","sha256":"26bba801700e160f5b4ac6adf62fa1f50ef1cb77fbc368fab973aa716cc509c8","sha512":"33ffa10fbb6d0013b26b963416f6a21ca0f08228b9f8856c19731b4eeec32071d2a44b099bd5e938ddffe1aabf3f9778cc3d8a6eb55ecfea80dae6bfe14e1811","ssdeep":"96:S0zMZVPBlFntIUysj6rAa8vw4NC5xXnM:vzM7nTI7y68I4N0nM","tlshash":"f5816d0fa7525707f9db633baf81130cef85aa2352c49faf63022d286d85c91b55c449","first_seen":"2025-06-27T08:10:52.436822Z","last_seen":"2026-04-06T16:14:35.255169Z","times_seen":146,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d4c131-D-ZGdCsf.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:02.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/d4c131-D-ZGdCsf.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=7hnry42dk0iq5ek3wvdtazmcne1gtw0j; syncedCookie=true; oaidts=1759724461\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:09 GMT\r\netag: W/\"68dfe4bd-d13\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:02 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3347,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (3342), with no line terminators","md5":"fb9ea37d2a6126124c24c220e3f6c5b8","sha1":"b9f390b482c233fbe76aec24a5a653e73cb2fd19","sha256":"1b61f600c156e5f4916f79f7f474a2fb7051586ca0d49b268bf7a47ef01a36a1","sha512":"22ce36089aa9e4d0ca665061f8064d6c2c0f18e6514b217c9d796ccf5198477a91e2fcbaba48f576861f3006adb8c6aaf5c40afd7c6c8cce49af101bae96da92","ssdeep":"","tlshash":"1461d854b2512bbca437498ae98e884d7a467b51df0ecf9af1fc642a03cc0497b1934f","first_seen":"2025-10-04T01:04:38.836525Z","last_seen":"2025-10-06T06:19:23.56467Z","times_seen":20,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T04:21:01.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /clicker/1866/en.html HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Astro:5.1.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89165,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"95e76796eb99f81ebc62ee0c46e0e285","sha1":"553590671362c534726041ede22a1aac74398d81","sha256":"fefedcca682ba8aba3a6198262e23938f3cb74870cd72d927a6878ed6a4a2fcf","sha512":"7c621ff4e5877b93397db891838b5f5c5c62b1590ef7aa65ee8c609c4b0c3573a818629caf5bec455343894d4be888764570bf4487a22b251e40f07feb3d2f0a","ssdeep":"1536:XCIKofq4ouu7u0s9qnlHOlWavP7h7JTinA4Tfi9NjivvMNLgCYbg:X/ffpwvs9eHOlWavP7h7JTitTfi9NjoA","tlshash":"20931a4acbb210367c2eb3e2d196f7087127f787ff6973e56856022053d26d92673a50","first_seen":"2025-10-06T02:19:01.576279Z","last_seen":"2025-10-06T06:19:23.541171Z","times_seen":3,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":43,"dns":0,"connect":19,"send":0,"wait":33,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p38d410fe-jDQcAAHE.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/p38d410fe-jDQcAAHE.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-c9f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3231,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3230)","md5":"e76bf4e46e005b5f0b9cefc8adff0ecf","sha1":"ab3b1146c00dd2e0a2ff9a8adb3a853e8bd03c6f","sha256":"c0930412c1702092a38dff42130f07588699f1fe9d7d05b2a0072f9320095b62","sha512":"709f06a144e678f50e7ac93481a2b1e1272bf615bcbabbf3a36b562ffba14b31a2927deaae4843a70358567d3e01605d2ef6ae4acacbbeea816d2540623ff71a","ssdeep":"","tlshash":"7a61446967fa3b6f4ca92b7a524dc10f163e1c0ba489c6346c97cb2cfd5059c38b0b51","first_seen":"2025-10-03T19:54:09.823931Z","last_seen":"2025-10-06T07:31:07.122128Z","times_seen":49,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k0b1128-DObcm-RX.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/k0b1128-DObcm-RX.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 636\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: \"68dfe4be-27c\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":636,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1652c7660f0f4cb2abe5ccc27de1ee6c","sha1":"ed0b317cac25c7e4223bf44ad2d701059fe828ef","sha256":"787cf973519cc12ec247a71aeebdd50e650a2b1d42d744f28cca2ad3bd09f502","sha512":"0ea7b83d4f34299f826730b0f3b8850beb3c9a4a64da65936386a350c007a3c1de12849f8a8bfc5b5f994df35351ec0fa9c16399603e37280d03f81db24a5251","ssdeep":"","tlshash":"bef0624759e81cdbce071abda12d3bff41cb88cd65c2d9920640389a01e2248ca73e67","first_seen":"2025-06-27T08:10:52.470152Z","last_seen":"2026-04-06T16:14:35.263216Z","times_seen":162,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/v9d8b4e8-CzkIiLlt.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html","date":"2025-10-06T04:21:01.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/v9d8b4e8-CzkIiLlt.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 04:21:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 03 Oct 2025 14:59:10 GMT\r\netag: W/\"68dfe4be-6b1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Wed, 08 Oct 2025 04:21:01 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1713,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1712)","md5":"e91ee5265b0ab62a0df1a68b3c20ab66","sha1":"7a0177dfde4db816b9411a5d7ca72513d0ed7a03","sha256":"4082920584190236e7cfda21553923a0c7059b680a39360bd8098d01fbdf5352","sha512":"4174eff24ace08af164daf89048372d4842358dc30b6b9eb32db644bc572a3dcb71c7e54ecba46c32f58d30f0f9196af7c1ce6d7deea79698db52f9611063b04","ssdeep":"","tlshash":"793140df89b04bf8c46b81e6e21af63473590647e28ca70590ae0d301732e4ad32ab57","first_seen":"2025-10-03T19:54:09.749453Z","last_seen":"2025-10-06T07:31:07.115996Z","times_seen":46,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}