{"report_id":"f6670742-3c70-4228-a75c-6adab7dbf72a","version":6,"status":"done","tags":[],"date":"2025-11-13T09:26:56Z","url":{"schema":"http","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"title":"Help Us Understand the Future of Work","dom":{"size":125284,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"52028cf1ef9c649f713ea3c3503bba2c","sha1":"069fb036ef5526b808b993e6de1e8d12251b2e98","sha256":"2276e8ca1583a8adb7c39711d3b577c1aa09d0d275466e5ef9815560013de619","sha512":"86a488a7f4a5c52c05114eafa7b969e8a1b93733f9a7b5a77020de75e18d21f575f5a220090fd1edb1f775f98e5712a142185b411d965fb3459a6940a335fffa","ssdeep":"3072:tezfafbvMqIHz5ea7IgIhBTs1q9PTi9eP+ssn2l0RKsYOOu:oWfgLH9ea7IgIhBTs1qti9eP+ssn2tu","tlshash":"56c31a5656b306292c2e77a0e096fb04e09ff74bf7a67bc0687a01215bc39c93b73654","dom_hash":"domhash750b8cdb2a2eeb0954190d8f591cc5a2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-18T09:26:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdntechone.com","ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-12-24","domain_rank":31929,"first_seen":"2021-12-24T17:09:58Z","last_seen":"2025-11-11T06:25:44.850872Z","alert_count":1,"request_count":1,"received_data":17276,"sent_data":378,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-11-10T01:38:56.234977Z","alert_count":0,"request_count":1,"received_data":834,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"datatechonert.com","ip":{"addr":"139.45.195.253","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2021-12-24","domain_rank":17968,"first_seen":"2021-12-24T16:44:17Z","last_seen":"2025-11-11T23:36:48.26496Z","alert_count":0,"request_count":1,"received_data":482,"sent_data":551,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fmscc.com","ip":{"addr":"172.64.150.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-03-03","domain_rank":56637,"first_seen":"2025-05-23T16:04:51.866057Z","last_seen":"2025-11-11T08:43:22.693048Z","alert_count":0,"request_count":2,"received_data":2467,"sent_data":935,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.ak2yy.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2022-04-14","domain_rank":0,"first_seen":"2025-07-28T00:54:36.726993Z","last_seen":"2025-11-07T20:58:44.788915Z","alert_count":59,"request_count":59,"received_data":641165,"sent_data":24060,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dbe0281c8-NRW6C0KV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d372fbadb1cd193311c8d3d18cd33886","sha1":"a09f67e412f38b999a7c5f56ce8d3c74333a4a37","sha256":"dcf990b897fae76b2669c04fc86d235d66e4879defdd4303dcbefaa4053cf8e2","sha512":"bc835efdae9ab0cb4d1f6e730e9661315f26c70d2d09c8185cf34165d28f31365ebdf1cb05cbf1c1115821d55e06f77e3ff1e59fdc9e77996168000a074a3ad5","ssdeep":"","tlshash":"bbf0dccc1ee042ca810a23ccc2637d01358485e3569c8be1937e07392746ecde830347","size":468,"data":"","first_seen":"2025-11-13T09:27:03.347165Z","last_seen":"2025-11-13T13:10:59.510884Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k4bc664f-Cqe_qYC0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4dce5d86bfbb997efddb7fb797ac499d","sha1":"81a6feb665104bc7ccd70eb1cc892e0be37fa161","sha256":"73136d232a12f6e80e3d8b6af999f3be7ddb0997f757f7bebcc3cde695e74ad1","sha512":"c02cb2844d851bb2bd86fc0d8e455bd99394ac10186494973229f94c7debd84cb523c257da379ce81f45605e65fc819d452a39270455a07dd8fb83dad3c4c604","ssdeep":"","tlshash":"9741866971651bbcf00e449ef72cc28af017bb4bd64ecaa0f07c891617198926746f81","size":2211,"data":"","first_seen":"2025-11-13T09:27:03.323559Z","last_seen":"2025-11-13T13:10:59.518483Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a377d6ecef-Cv1EggFv.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b65fb7d39d547beaaa9c00bdcc818d79","sha1":"39eb58b62b93a4ad2fbd00054f3f1755965dd0d1","sha256":"aba948e3efbc2860f2b7970ea3682734a4b079c04cb56bbffeaba92c1745da9c","sha512":"4ad5ce6ab4215b3d529b195e8735374e636ebc13a89b9429644873dce20bdc11fd4c6333928355f5f36be86b32b01082391b3f6b9ed0acb723066e4c2a01b591","ssdeep":"","tlshash":"1af0a3c55bf53e66813a12edf956ad00b189153783cc0f95e2780f3e0365bce5611387","size":453,"data":"","first_seen":"2025-11-13T09:27:03.319885Z","last_seen":"2025-11-13T09:27:03.319885Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ec051de8-BtFOH8JM.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e29f232656901574efa9b502cf74692","sha1":"de62adc7ae3833667d5524c264fb7a316f30998a","sha256":"5fa40d44487dc1e7b177d7e860763cf59a18f5c2d2577802475bff3c15093b12","sha512":"6b1a3769c1e2b4d158e72872b43171b16614042ef11d3b5bc7370cadd4d6df629cf15751d455839765bc2b3bebe522454bfff90d8ccd0d2415afcc256f975648","ssdeep":"","tlshash":"bdf05c499bf83a09413d635cc9965941739d0077628d4f51d3bc073b9375ed95c10387","size":451,"data":"","first_seen":"2025-11-13T09:27:03.345978Z","last_seen":"2025-11-13T09:27:03.345978Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","size":16490,"data":"","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-04T05:52:39.381019Z","times_seen":9008,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0fbb7dbae3c20bc81da1b8bf41c13e8e","sha1":"f333d36b1dbecd026483e78eac843bdeb2dde04c","sha256":"eeeffffc79c48f4fbe510fc3fcdae29885a18a48ae121968e03fe502fb48fecc","sha512":"1e82716fa5da363b595ffc7b569caaa347df281bc89fb9d62dd89d2dec789280d9574694f6f78d250922e8d0d3bdc8a637f5748d7c4f4e5cb4e5465106542e0c","ssdeep":"","tlshash":"9ff0998af3c8b623410666e5321b801be67e1851b407a864a0a088e2ac7a449c189f3a","size":636,"data":"","first_seen":"2025-03-04T04:04:04.143618Z","last_seen":"2026-04-04T05:52:39.404816Z","times_seen":3286,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/efd0446-AhDkcItA.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"424f0b14c00e79cd3c309c52b45905b5","sha1":"64339e7e41a0a0884496c70754d951e8257742a9","sha256":"e08c441583e2732395ae1e23ca20d44b1ec2af9222234f5c479fb1f59c5dd190","sha512":"8efd44787959e4edc519a7407be8a5d33e5cbec01d3c8b68dc7f0fcf857499630f3fd36cea6d6094ccc3763993f26ac3392b412aaa5fe37e4842e59f28a60068","ssdeep":"","tlshash":"5f414303b132d2b15156798fcb61720ef6b097672ae8c5b4fc385c2153ca9878b2e739","size":2403,"data":"","first_seen":"2025-11-13T09:27:03.317079Z","last_seen":"2025-11-13T13:10:59.503679Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dd765fe-CKTJVBWV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ff839a9575c692a3ece3da58549bc39","sha1":"c47a16755642a54b6476c5c4d0cacd7c56a257c1","sha256":"1dff6d4e33f04620b0cbe8136cb190a3d2d83220bf03e024b5b15bc71d73e62c","sha512":"379393bd8ebb86035a820273702aa9aae423a539240da3ec9203b71ec2c8ca982008caf5ab580a813680d6ef1ce906459bbc4dfa59a336f4cf71cc6c6abeb155","ssdeep":"","tlshash":"df71d8cec9e9c534519f31df11281220b6b94f1b742d8394a07e4f398f5ee4ad485bab","size":3735,"data":"","first_seen":"2025-11-13T09:27:03.338416Z","last_seen":"2025-11-13T13:10:59.522114Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b58f8a85f-C401tf5V.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"79ea9c424a6c78694d2404e92d5fa922","sha1":"2a6e41f043c4d01f610cc1e2c50f8c96ae91dd09","sha256":"16b57d13fa60ef39715d8abab2e86847f26fb87373935ed70e91ceda3e9f7a7d","sha512":"fdf81e054c928976dbc6baf5506e9935d25d48492eb6f4655785152a2cab978e8de87ff0cd6a023c7c24ce61d06a5d701bfea3e4e86b3011d11103210225ac80","ssdeep":"192:C+cUQ6LacsmT27YSNPYmRwUdfkQQYiESpJxr3ceQzez8L:C+cUQ6LacsmdSpYmvdfkQQYqxr1QzezI","tlshash":"b4021a4aa1700bbe64074cf8e5f5e00643349b46d64fefb8f65d4a2926e8204639f7a7","size":8725,"data":"","first_seen":"2025-11-13T09:27:03.331759Z","last_seen":"2025-11-13T09:27:03.331759Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/u884c8a61-xgQidDvD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0924d961f4bbfcfbf2947b182ee1b0f6","sha1":"99dbdd2e5159fdebdca0a5e3109c9018e02c20cc","sha256":"41d494ec67afd9ecc468bfde1ede08a35a77e9fef0ef63c72ae3365ead0b4cfa","sha512":"956631a8164513c55ce233c11d32d0bbd7580d87709871b3a72466126e424ed98a73c7a15096aba12b22781918e4605beb94c5329ee911857562b4859ac242e2","ssdeep":"","tlshash":"db516859b0b27b7c743b1acce52d5c42f30d2b599b4d4e80a13da8311a940d57f1a3ce","size":3121,"data":"","first_seen":"2025-11-13T09:27:03.327808Z","last_seen":"2025-11-13T09:27:03.327808Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b8fa55-DFyULdzD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"afe3d39bbeefda45c93966fe444da933","sha1":"7b25d4afca5f56ed26b15a67ea255886b7d36d3b","sha256":"defcdb35dfc83c975847eb4e53b91feacaf166ef4f7ec75964a630a348f929b8","sha512":"a129322cb8a3829c602b417d5b05375e3570be6e5ab8adaf2d898bbabe19365b56de8df08caa555b32ec1e2fda69dd58781d2eae147d4c988d3931be27fc2fec","ssdeep":"","tlshash":"9d2144cde1a043bc9a0b10ede33e500974550363cb9d4b55e2bd563a1fa759ad415b81","size":1178,"data":"","first_seen":"2025-11-13T09:27:03.369896Z","last_seen":"2025-11-13T13:05:11.168788Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"60725fb5105c79e4a83e796a7fcc80d8","sha1":"3752a5705eb92348e3b4395a9ee2904f7608a138","sha256":"66a7b279a28e2ad8e34ed695cbaa61dcd4efec6298dfd1aa7bfe62fcb8ca379f","sha512":"a8fbab362c93ab975b7712882d8689171cc7b91e3bc4dd615c58c08e2c0f63c204859415fd69ad4610a8709006b5fdc0b68ab00cbaa2281198efe58c7da135af","ssdeep":"","tlshash":"40219657131e3788b830f82405acbd10910e5c6428ed540eadd78d865621f1fb9fc9bc","size":1149,"data":"","first_seen":"2025-11-13T09:27:03.376208Z","last_seen":"2025-11-13T09:27:03.376208Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e1e8e87e3-4hZDrZBc.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"0429e0bff7e7496cc57434fc37787a32","sha1":"91ff1c56df6de272477456e65ff0ec1f0913641f","sha256":"734e7c41348b3a17f48e2c4ca6c13fe16cb7504221ff7040515aa814a543e48b","sha512":"fb3d33e06d3de0eb64af643ffe9579922667619d88921892a0fb88aabe10a149bfa0e1edd2e092531f5403a9b4a6e177d436aae85b21db3067e5c84a23e880b6","ssdeep":"","tlshash":"3c313f8d32e12971819924edf63b3181b17b1066714e9990c13d8e373f9dccbc6b1a8b","size":1754,"data":"","first_seen":"2025-11-13T09:27:03.3623Z","last_seen":"2025-11-13T13:10:59.507685Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b7eaf61f9d-DjCnIZWv.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"029038f9b712acdc03df598ebe3c9ed9","sha1":"3dd5a3c3b9db49a6ccc80d1f74ae8e81137b0491","sha256":"f10d013b63b32a65ac01e798ffb6557998f74ca1486a548f3632333bb30d13a8","sha512":"de2d48c153312be2662c35adda348e9f755291f800ede33d942c3c52f99ca10eb2d1f02146d2fcda0fb242e57bcc27d619340f742bd7b71bb03defdc9c372b08","ssdeep":"192:CcU8vLaEamMqaSOU/Q0m8FJ1yloVwYUcDIXZkTOFHqjFV1/DwPVRdQb/JUSZS+gU:CcU8vLaEamMqaSOU/QirTUcDIXZ5HAVn","tlshash":"23021988b0c72d7cd0db8cf9a5608429b63f0a1ae55fc1d083ae6da80195d4552f7f8f","size":8637,"data":"","first_seen":"2025-11-13T09:27:03.364606Z","last_seen":"2025-11-13T13:10:59.527975Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a66c836e-B2E5u6NU.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc2e99cceca277a8564a4c5be5c506a2","sha1":"38d2cf078776d2f3cf2bc54739f1341a255b01d7","sha256":"8884537f4719509e438cbdf685d1bfe268b62e65ba84d84bd0add882e502827f","sha512":"cfb520e3aa0362db80b407ff7c5a472dde1a73ca1b8a5c7b6945356eae8b3d147ee9f3018f5c9b709c6d6ce1260c690e3519f85f315a779cd6e19eed95a9f22c","ssdeep":"","tlshash":"89f05c445fe42e9a4039125dc5a6381177cc007797ec4f31f378073a5355ace9601383","size":451,"data":"","first_seen":"2025-11-13T09:27:03.3214Z","last_seen":"2025-11-13T09:27:03.3214Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4c1af0f7b285642bb8af9be1358ccdf","sha1":"99684de7c628cfb3226e2859359829cd59044f4f","sha256":"1232c8f0c830c49e369ad8e76abf02d09bf431195fc82201480edc1515c217db","sha512":"b474f80e218865474416415cc857664a6f1e0934a4aa82ab217111f4baba262f92b0b9b69c5e5eeff8677b28bed39967e8752d16310a6b2d3bb60bd431603fcf","ssdeep":"192:8r3c1SyRoFCbsFOEzBr4WuVuYoe21WUfcdova4EUAMRjlehEeVGcnW/RGGb5ao8o:8XCbPm0WuVuYoe21Wucdova4+MRj8hDY","tlshash":"d922d6463ee7f2412e2467b1c07b9111b3f25952316ab192b91b7522786108fc3f3fba","size":10465,"data":"","first_seen":"2025-07-24T08:17:40.839961Z","last_seen":"2025-12-09T05:17:14.075084Z","times_seen":1721,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/o039fc38e-B8106jTh.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"063fd9f727495f637b2d608932235a47","sha1":"89607ea67fd03bbfa054eec29cb72bec132d1b1f","sha256":"f8b28017cefd3b9e17c2723ad4904890694968bf995a0b366f9f907f01ffc240","sha512":"dcae5894ae991f4af583fb11bc80f7bd291f7892db4813e5af743a019eed1b11be0010440e57eb7ff6bdebd3c41d4f9d2cfc5623e43cad7b19d309e320d95c8a","ssdeep":"","tlshash":"3751dabf44d8a8b9094cb1eed63ad1622e1828533c1dc1e1a57c4d2e17d3496e03df67","size":2748,"data":"","first_seen":"2025-11-13T09:27:03.33724Z","last_seen":"2025-11-13T13:10:59.515073Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/aa48384ce-V0KNdAcC.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e21da4db648846fbe86261488333cf0","sha1":"deaa31275178d3dc8970fbf3ee924c57dcfb8ca7","sha256":"8e3c6a768fea53ac53f4df772b525ac83857d5e173906d88341add6975aeb11f","sha512":"42af2cc1e0d38b30bfc314a87e687a1bbd3228932525dd2aae1111a7a38ff9a0563ccee8c1931c5bd7039ecfbab4e340547685f2e7d891313f84830a4d01dba0","ssdeep":"","tlshash":"e141758175f55074c5a12dfec1101222b1394a53379c8697a26d6d341f6bd45f42bf33","size":2077,"data":"","first_seen":"2025-11-13T09:27:03.342263Z","last_seen":"2025-11-13T13:08:42.306613Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p4b36fc9-D4YP7fNl.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"453c7fe6e3ea291b14a9542d62c3b2f6","sha1":"790b839050554e36357ebc85ded21847970705b0","sha256":"9d525141d728e9c807ab0e2b07c2f5ea9793e1ba91b06044295bafff68c28e71","sha512":"857b3c00512cddb5abcafe20c64e60800a198a718a700953bbc6b823e8ea66f49ba6243193b360025400c68c2b547de079935ed134244a1f422914291a6e0773","ssdeep":"","tlshash":"83213381b2f3e0b80bb5169ce0273745f554492297ccc7e0b1aa16761ed8e9fec3026b","size":1355,"data":"","first_seen":"2025-11-13T09:27:03.353725Z","last_seen":"2025-11-13T13:10:59.523372Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/u7d966fe-eYIaTG1r.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"36ce9b003c0ff8b32a6a2a4a022d20bc","sha1":"6f3a619d928083cbc0ea56158d14fe43aca6a426","sha256":"d3f3e969f50c5cdbcd892ee94af573a5aae964f6cd883798978938e89e8593c9","sha512":"4f464fe2e9c30685d9f4f4f3337b22a62f6a813b71e9412b09aeab9063ae4875d62fb956b7affa6f9522fab00b56f8f3c62ddc65a18d89ec5578bcc83a6ad966","ssdeep":"96:xoRatOb/QIlnnUjOfeI9YTGDQjgHQjski8Qj/zVzxJC6M9ysxmgUV+sszEQT9MQF:eXDPntfeI9Yan/8CzVzW6M9vxmgUV+sE","tlshash":"d2b1b5c5d0a9dafd0def9ade2490d16273108e037c4bd934f2a54c2a27f9c0661ab75b","size":5343,"data":"","first_seen":"2025-11-13T09:27:03.355043Z","last_seen":"2025-11-13T13:10:59.519577Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/r8675a519-DcYllDB-.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"fe5e998704400adfc517957a2e7ee708","sha1":"c01831eab690ed555fd442175f8ac22952322a1f","sha256":"25eb428ccf5bd962fd2cbcb5d0530490680235710d63c6a86596941f9d5b47e1","sha512":"d11aa325b24b3d08343743ffc6141148b26198ef155b3189faf4426270f473b7ff41b690df9a13fab50e0a6c3876a4c89e1a48c53b0c36acba2821d53f232a95","ssdeep":"","tlshash":"f14194ad81f5c564c1a52bddc236f93231a98433345dcfa5e27e8e3157bee8140b4636","size":2198,"data":"","first_seen":"2025-11-13T09:27:03.339715Z","last_seen":"2025-11-13T13:10:59.499783Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9b308d2b60038830ad23a38fe7378d2","sha1":"ffff1b947bf97ed50c37cf709358ddbef1327e24","sha256":"fa4cd9592f1e4e853c12a8de14d6f85f6892fa44e799f6351efad08fdf29ae82","sha512":"423f6918b76e8a6344cd7eb7896b65aa65ffefcecbdc6d3abaef00ea4569c18db324ace0bb3df64c0e6950b57852df7b8d775d8ad706b31165605a39135ecfe5","ssdeep":"384:8MLg4o4MvMD9S2YVKqFnQ7cjuGys4+GISTZ4Ex3ly0eqnatI8MfZGpsuVe6:8MLghh92YVPFnQ7cCGys4+GISTZ4ExVm","tlshash":"a082ecd69f5316443b2ce752e2678121f65c6c80f3d8b630782e5a41e8d0cea8b775bb","size":19205,"data":"","first_seen":"2025-11-07T18:38:32.601423Z","last_seen":"2025-12-08T13:03:51.548614Z","times_seen":547,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bdec51f-hCDJ_I20.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"454572bd93adff89940947001c66a857","sha1":"57161a83f6230e42cf5894fc62fea03ac9ee46cc","sha256":"a23de7211ee9464b08ac3370b745bb3ecf7d8fb4baf6c359b99e06b3879e2cbd","sha512":"93cdedefb94fef706afa3e65ca2f5d9f1731aa7f5e86f86b512f75536a672fb5002606e21d07d405ceb2ea474357246bdc02a00158020e514cbd46b66cdda962","ssdeep":"96:xD1cWUzz6zuxzFo4Bb9QQMqgNSWkSxy/NSxRq2:RUzGSzFXB1BlZOyNYg2","tlshash":"f491048fb87920fc7a97c6dda173e593163725061989c1b499d74f2807a0285a33bb47","size":4314,"data":"","first_seen":"2025-11-13T09:27:03.359938Z","last_seen":"2025-11-13T13:10:59.510384Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d47635c6fc-DmdQv4bP.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"5c47c4539cdae3980bc407b25574b7e4","sha1":"c105c802e3b7140c6a0d794fddeeb90295d09cd6","sha256":"5f4a7ce256c458e63e723ce020589a1948487b093c650d3eeff79ff0015ed18d","sha512":"b6f74f70f170f677bc2cbc5ed60bdbbd4d80157e80718e99c296803faee8b09bf8d4121aeaca51e2c43f9a27da9ada1ecd6453cc88216531d53f4d462e0045c0","ssdeep":"","tlshash":"b541b7ed48a88c34b1ce4199a6395a0227b5160338e55e56e17f8ab0035cc8f871ab3f","size":1877,"data":"","first_seen":"2025-11-13T09:27:03.348578Z","last_seen":"2025-11-13T13:10:59.528732Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k756e54829-u9LjOs7A.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9a3786e3bd35b8845b7056b7a40671ae","sha1":"eb38f3bdbb4f6e66d089a2d678926fcf0911f34e","sha256":"819461ec18010d2c4e871713a5683bc76506f291c2ae4ead39ed9f32ed04bf62","sha512":"0a0b8f1ac19fdaf1cd005a7ed59a08634fc7fe003464dd618ebfb4d5dbcabe91c6ac56933095708e167e6afe6283c811c7b57ec01ce165f450676e45e7e689f5","ssdeep":"768:6kVirOw/oDfftqxaIIjv0hM6CBInlCYDeYsMiBATx+E1lzXf27dorO6DdK1aljeP:NVvw/fBhOATx+EznxRuxJgfPwGi","tlshash":"98435f9ed2529fe989b31788b95c2a11b22d0d0ded4991a0ecdf0f16176ec87213b79c","size":59323,"data":"","first_seen":"2025-11-13T09:27:03.358565Z","last_seen":"2025-11-13T13:10:59.506449Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f0143f9f-Dpz7cNiJ.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"10007ce26d126610e7cfc87d8cb01663","sha1":"9292129f986a7c93d4fc43dad1e0839a26958c87","sha256":"f2f05e1c866b28f2921feb68d6af078681280c63d7eaf236f8129032b8101455","sha512":"ae3b0208ef21c329f82f213b321b56b62f3f93db20bd321ae259dc87808a8070df6f0208344d011d6a81ac82e63227d84d4c0ee2d4e006cb6c1d8680ab61f2b0","ssdeep":"96:jpLaccBzN0kW4a3Ies+NjHA9w5jfj2e7D3fiytNn6ijpGQxeL:lLacGnW4EIeNLAybtvdn3JS","tlshash":"16c17458e2791668b02b5ddcc33a521767393363a84ddaf0e47e2e2113c6b8057c66e3","size":5700,"data":"","first_seen":"2025-11-13T09:27:03.34089Z","last_seen":"2025-11-13T13:05:11.184581Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ed0c1c53-CGqZr15h.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bd9ca1e9d7fadeb69ea6c97469b7795","sha1":"b333a55b90bf31908c645a8c17248bc1124d000b","sha256":"1eef32db82bfc1ba6f66f713ba65184f820e825299eee2c56bfffb9125cf9098","sha512":"8ef162932d6e23b59626cf41cfc4bfe1c2a3c1ed5e7ec3a5df1161ebf814a9dc7b3a641ff0166d9548265ca88c8a5abd126759c830adc42677063e42aa27255d","ssdeep":"","tlshash":"e5f05c456af14a298226129eda5698413a9451375bac0f6191bc0a3a53646da9d02283","size":451,"data":"","first_seen":"2025-11-13T09:27:03.32579Z","last_seen":"2025-11-13T09:27:03.32579Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"091fcea2ce8db1aa7fe44a4051e96b41","sha1":"4d1b368bcbddf456742d0abacd23ee510e609158","sha256":"433585662f852c8c76ded9e6f52054e1a120c78c7c0ecb8048fd3b99faa897f7","sha512":"765886ace161a524d53d770197f9f99de2c574df18129c8f32c3d4805f4680e2bd3c538527c6ed7e053b462fd1482e2eae75fcdf545bbeb795feff24d9c77d7f","ssdeep":"","tlshash":"14c02b9512f3e130f2a741c5c3cf32430000725602f841d351055c70401cc8a55a4f30","size":130,"data":"","first_seen":"2023-07-22T04:09:49Z","last_seen":"2026-04-04T06:15:52.085388Z","times_seen":8189,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"15505b2350e129b787d479f7507edee9","sha1":"09ccb3a84e7f25a30bf97594c9c98b6878fd4483","sha256":"53b6bbda82ae145cfc0fb1941cb035359d1c8b298798339cf53f5a543836ad65","sha512":"970991ac74c61bd2a25fe8a331be62b328d99d1f04b87a83cf50deda9d4d6b68a04403ba120796b1e2f9de04af78d640626fb95d2370907f4b626385f0562178","ssdeep":"","tlshash":"3a61947813111bb33ddda0a9dd286ec3dda51834859a887e784e5cf30658e4381bebb9","size":3462,"data":"","first_seen":"2025-06-11T22:43:11.360804Z","last_seen":"2026-04-04T06:15:52.085958Z","times_seen":7208,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba0f4e77cb3d1968e8bb09e81cc6345e","sha1":"c3dabda4cfc7ed18627ba989f8ae8766b1ce4933","sha256":"7885d6bc09b192bdb9d4b2599239e210ae4b70f1773646a96c97a9a21c184487","sha512":"57baf1a1c836348e36fb6c38e649c142601110dd231faea9bc2a5c9c653c4b014dc4d02b3bbd7dad06a67eb2418bde568ca6f698086f9ce179718b5b1c56261a","ssdeep":"","tlshash":"f3c02bd612f36130f3ab40c7838f31c300207016027840d351014c70101c4494594e30","size":130,"data":"","first_seen":"2023-07-23T05:20:44Z","last_seen":"2026-04-04T05:52:39.409208Z","times_seen":6609,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/z1d1e4bb-rxX3ZVG9.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"0a7b2fbcafd64d32bf8ad78634d83682","sha1":"ef66d3f0b36d59f4dfb8931ab21e8df4a9e55c58","sha256":"4d89008c2ac368e311fa1291500199c4a4f6e61687fe3e7b8676fdb88f86bda1","sha512":"92ffc761130a0d7ff0b2ce24f094baa6a4d1958ab80c793723e4a5d99d3e49d523fa84936d60052583c1424f21fd6105cdb89df1cd54e05748d1ac85d4794b30","ssdeep":"","tlshash":"b261156967fa3b6f4ca92b7a524dc10e0a3d1d0ba489c6346cd7cb2cfd5058c78b1b51","size":3236,"data":"","first_seen":"2025-11-13T09:27:03.344736Z","last_seen":"2025-11-13T13:10:59.50923Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y40b5ef-Bsm1AWUK.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"88fdf9abfdbbde63c1c2f2857bfa082f","sha1":"8406c0804a65e3d6b013a5d734a804d6bf1f27b0","sha256":"b9f052108786496eb52962cdffb98432afb6e2400b7c02045c7ad713314d87a3","sha512":"1e03b4887443b710eb4978301fd0c26b61d42a2ef4af009146eb9677bac11eb2efaa07193932eaed53384a0833fb3451f119ef3a455d839a544619c59ba58255","ssdeep":"","tlshash":"e0011bcf8be01668800e31dec26b6117228001a3ce8d8b80b0790a3997c7aeb940eb03","size":724,"data":"","first_seen":"2025-11-13T09:27:03.307736Z","last_seen":"2025-11-13T13:10:59.516252Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/da2bad41-uKiSnrbr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","size":421,"data":"","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n02f8263f-C_kRPHmT.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"aafe321ffcad0046959bdea85e2422b3","sha1":"30359a927dc69f874d87fbe9dad00efd1332e9f5","sha256":"d33019bd2d04207c30665ce63ba4421a93ff2d99ccd4acde796788b81d17167c","sha512":"7ce16701bf3c984e07eae0616f8d2d3af3c1a877c882a4bbac86910f1a27b2ae92ab23cb2c2d66f4b5e4f4ae1619626cb6f8aa0967c56335911eb4e65f3d9375","ssdeep":"","tlshash":"0c11d04f45e0565981ab29ded719a111b55504b3278c9bd2b6ac0f7a0733e826225f83","size":929,"data":"","first_seen":"2025-11-13T09:27:03.352635Z","last_seen":"2025-11-13T13:10:59.515567Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e1004ad47f-DBISZBks.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1afd1ff9d9756c9810699c10ada0b6ab","sha1":"413ce7e6994bd0326caaa6be034c74966011bb14","sha256":"05fae1a340893a17bd934f1e7e66f35ad46e0cf061f7b3fa67b2340c5124b501","sha512":"f3b789f25a3ea03c1a7b3ecff27025d17d1abfcffa60bbed24eba9570d75293bfc76a8500790d5de5655a65bd46f15947962f2e31b0d8f7aeaac9a15f7357641","ssdeep":"","tlshash":"3411728f85e0a230881212eed38fa30071210987738d8794923e4e280b22c83e815bdb","size":1028,"data":"","first_seen":"2025-11-13T09:27:03.328942Z","last_seen":"2025-11-13T13:08:42.30183Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e1e0e167-BAAl1-WD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"38c7aeb9e17ac0f0195c851389722970","sha1":"538a124c12a4ca98e11d435539677620dafdee33","sha256":"930d0c006fba558e53c60d8b26a87ddc34583e529cb5f17cf7f03e499d494ab9","sha512":"45fde27518d494d96fac6a3a4af08f7b084d11cecb13b58243505f1d923a73fc73589855e5c98a360adb32828cd3913d23ac122c273edb915931ecac87faae85","ssdeep":"","tlshash":"9df08b9a66f05339484d26eec25a95027200422766cd4f94b02c6734577abcee506fc3","size":554,"data":"","first_seen":"2025-11-13T09:27:03.318482Z","last_seen":"2025-11-13T12:06:08.029884Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a6ecc7f7e-Cv6ZcZSr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"fcf41de47c50a4b41252c8d9aba4b4d2","sha1":"3fb999f9268e3e36f5499b35509dbc9b2c1e356e","sha256":"07de05cd154b00e8c7cee4041e11fc3feb988462fde55d94984f3fe06c7f28f2","sha512":"d85c7dd09dca22b752b61c0d29a8dc02ac93b132fba52e6bdbc1a8a4c01d3f4eaad98a4216367da6ff43bbf3cdc3f694f160725f52070e48e1e04a1a31c5ec38","ssdeep":"","tlshash":"c23147ccd5f0a2f981da05fcd15ce92123580617a354a6d0903d8f18472dfcf6117787","size":1491,"data":"","first_seen":"2025-11-13T09:27:03.361077Z","last_seen":"2025-11-13T13:08:42.313399Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d2f07659e7-DJZ5asp3.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"b65d4cc8dbb7c487ae18e849a302228b","sha1":"39f29d8a35ce0359772777553a35b3c1f4283a5f","sha256":"f99267d30cbc0464c96b1a9aa2b5f2ef079d600de0b8cc1983e8a1301fca13d6","sha512":"8a9469a5d0993e3d2bc7d27f4afd72c604e205d8705c4e43cf7368c20a0111b9fd43b8707dbed60b26068bb07397b6bb390ddb1487a2e923b256d1d0f0a961fc","ssdeep":"","tlshash":"e051f08fd12610595fe4cfb8bc7926173ae6c22a39c7994863c4e83c41e4bc5227f7a5","size":3041,"data":"","first_seen":"2025-11-13T09:27:03.311153Z","last_seen":"2025-11-13T13:10:59.520194Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n69eff725-CdkXwWBD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"4502297830cc2163901219f4b04d597b","sha1":"40e962abd1a0ec5131335d5f56a318bb8e260646","sha256":"4defef0e170ee521ada4272577b632d39f55f91afbf8c3cb7166643be048d07b","sha512":"16efe747a606bffcdad99513c2a20667e25e248baca0e4eddd7372241d623f9db7723e8a618de8cbc6395de6d0f1b30d6bf79425eb11bc3a19f9206bf73b1c06","ssdeep":"","tlshash":"3511754d7b94282b001535fcd044e9104249526a2fd90fe2e0bda6f92f3aecd7c02f07","size":1067,"data":"","first_seen":"2025-11-13T09:27:03.373308Z","last_seen":"2025-11-13T13:10:59.504337Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y29349f-BQZrw-Tm.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"f1ac7bb1e593a43e6e691e2a744c6457","sha1":"a2dfc5862bb1e18cf49623ba7d09032a5737bac9","sha256":"0d23c801a5e2c3c58a086fea65991901ea02ce788b3f048625fa2a0e7a245556","sha512":"47d03ab77d7582d6252271f9311c9c7c69f3d6eb1af894b972dc289cb7e2f2f233e0e3ea92c1cd51e7dc13a9ad4d6855c17836d9fa0c9da4daa74b36b668ba58","ssdeep":"","tlshash":"2c31b8cde91097acc8396daec31d05112f0a236b139acb41e2fd383a23456c8b511f53","size":1655,"data":"","first_seen":"2025-11-13T09:27:03.33418Z","last_seen":"2025-11-13T13:10:59.508706Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c6060f6e4-C6xMlk7B.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9ea99df47a64bea9628b461545b0b648","sha1":"5d444f10bb7402874fceb43cefedc13c83f98b56","sha256":"d918dd859499ba7eea20463de58a9ca3609b9d50fbea484cd235725408fda800","sha512":"ee4e6a2c577f55234389faeb783ffe69d9bb8b05ca9c714da8d45b6f92220533009a9699b0120359097b2999fc4731c1b37e521405eb49ba5adea5389c079893","ssdeep":"768:k65FCDDOqykJ7QNp4N70H1KcvXCyLHWxA9k/eWj8kcj6tKwtZHNMSgz6lDNwnfZG:k0eqs7QX4qz4PNcj6ftZHNMSZh","tlshash":"0a534a687056203a03ef51e6e0bf6a4bf2356912e48dc644e316cef06fb469d4267f2d","size":63528,"data":"","first_seen":"2025-11-13T09:27:03.332919Z","last_seen":"2025-11-13T13:10:59.501122Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/s3842e4a7-CH5qbzYO.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"6ad5cf98676fabde43dabf1f08cb8744","sha1":"7f21025081a2f79f603b281b0be09a48c06c1405","sha256":"2e511987bc86daa865d91f790d100593313770d853f3a641339c1aed551a881a","sha512":"8908d168542377a2532317b1136a878f3502f30b4897ecf5af94037f8bf22c215c57128c70204e35156d1d874f44f5d60a341b6b744556f5d1bca783ff13b3d4","ssdeep":"1536:sr2RivKGOUC9dpjXOnlVS+NLcgzAyOx+XuPqTeJcvmzhMQ8:siRMnlM+NLcgzAye+XuPqKJcYR8","tlshash":"e763f98b3391a1145ba9409514ba0403e399fe9e705994d4f6ee54cefb8ccc5f27bb38","size":73302,"data":"","first_seen":"2025-11-13T09:27:03.365842Z","last_seen":"2025-11-13T13:10:59.522723Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k17f875d2-DHbRTNE-.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"8b61642511b001c792b86d2174878824","sha1":"1cda68fb0584f5a88f2b9f5149a03aa54ae0d3f4","sha256":"6dfe774772858209ff2f00f957ece02f50a00d3a0485b2bd9a2a7848d9671aa1","sha512":"8fb2e2a54e40fa4d66f772b102afb66ddcb305d4c16186e5db4997a47fbdd66610432110929a82e900815ff48e64ec11655c105d15ee26071809cfac3a1d5f54","ssdeep":"384:kvJZKwb8X2KrYUE950OUToPmhN+VkvOi/B:gJZFMjrF25yTo/VKOi5","tlshash":"dd92eaf0932c51d5d91e07bdea3d60e5a2392effabcd428062a87da5546c2d12e08fd1","size":19682,"data":"","first_seen":"2025-11-13T09:27:03.314194Z","last_seen":"2025-11-13T09:27:03.314194Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f1cfaf41-BU8O8_VT.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1dfb4ea823f69479acbc436f26823acb","sha1":"47bc91b68144389e4908adfa3ab635a492aad3ec","sha256":"167a6b9b4579952bbd4e28811916e64c927e67bef65b002e4f0fd57157bdd490","sha512":"9b57e53a14a3a85190e4227467368c30752a728d01b85c4749d6d022c622b3c9c15c723a1d4e60b32c26587d79ef6fea526c1d010a20f8fdd86be26e6d67ed60","ssdeep":"","tlshash":"8811504f0ba0c055c00578fec70b6610762240a713cc4f91a0ac0b7d4b666a9d919a63","size":961,"data":"","first_seen":"2025-11-13T09:27:03.343479Z","last_seen":"2025-11-13T13:08:42.28679Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/v0bee1dd66-Bi7RQSCs.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3fcb621065d377b75a01076a4f9d537f","sha1":"8ab00f71164113e2b23444c16971d9bf261b8ad0","sha256":"b805809c03ece2fe0d0c6d6626da19981261e1acb8e28c94f4f5387fd1c81040","sha512":"8baae85cfcc463c847cbc081091029d6f3f5918f9e4e563cd82e5c798f68979c15209d2b30a3534d1364f5088c6e9af4989a326273bf8d62f3663d69b7645338","ssdeep":"","tlshash":"43f0c08b1bf05619c01b16eec61b25912264417786cc4f1ea2bc5b785321ab8dd02787","size":555,"data":"","first_seen":"2025-11-13T09:27:03.367787Z","last_seen":"2025-11-13T13:10:59.517242Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n282c3e144-Ca1rsrV0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"7bfdd7cdc6631c250a932d8ca131e678","sha1":"0280d5a9a5ed79fd6b50e7f171aee91639355e54","sha256":"88a7cb48d56a2a62c41f1f479fef59790fef3ee95fcb47ead9dd2985557d0ab2","sha512":"f2e8416bb8a46578e74f756e9ce9e97b836f5faea4f23d0c4d4c8f846942dbf9925f33ec230157428b3d755b16559aae51b873d968ec8d97fe12168cb910c936","ssdeep":"","tlshash":"1621118eecb099fcc42acdfce265e0310719239b1258d330851e9d751391a867627757","size":1351,"data":"","first_seen":"2025-11-13T09:27:03.368865Z","last_seen":"2025-11-13T13:08:42.284313Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a4625f66a-xdpTtXRe.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"4c68c9ea2439cd777ceedb5f0518c141","sha1":"97d51ffe0680cb9365ad6b53486ff29dc7b35887","sha256":"9fe5578a326037b17d2e56e7b482ae92f53145cc48eb4b3aab9271b6e9783f71","sha512":"c5707b411eed2ef4996b73852509cbe6af1a70bf044f564729c8b85bd1fd68ef42c47ac0d93784c91cf5c41cdeb179ac663d0de5a95676289724efed2d596017","ssdeep":"","tlshash":"570115d966f17b1ac12c2bded229640171040496ebccdbd1a27c9e1a83c51d566a0b16","size":715,"data":"","first_seen":"2025-11-13T09:27:03.349751Z","last_seen":"2025-11-13T12:06:08.018336Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/o636bd5eee-DcsRKFGN.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dbc0e1ce67b5711a0d7d3f737983b33f","sha1":"5f62db73cfb52d9600123bb0531fe34b3714e9f8","sha256":"21b0b59462cd695f1e7e86127e0aee38768b6ab7243ef8aeaa0a5058dd8de73c","sha512":"14d413ec02954d819dfa9550009129feb46c1cf7e300a2a939120d14a528628f00d9d1b96846bd375f20231abf8eec14999baad90953863e7472c8f4e0f383fd","ssdeep":"","tlshash":"c3f05c4876b05f1d4059229ec149a4617ba80273978c5f11e2bc0a3a43b9ade9954743","size":450,"data":"","first_seen":"2025-11-13T09:27:03.356678Z","last_seen":"2025-11-13T09:27:03.356678Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/t9f5a84c94-Bs7ys1-0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"63beccde663d51dfe4a1e48090044a14","sha1":"104db1a82dc0bbdb75935c9787f274f7ca8bb061","sha256":"7057aa04a5211a31af10c7b6b8323846c2ae340380536e51fc9c05cd566d3643","sha512":"97c0cad5c837947ffe50782783654c879f28405d8d268562e6e087d05504a2f167df06516808e155992dd7f310ea1ae6e5b7ad733ffbb570a17cea550721b627","ssdeep":"","tlshash":"87f05c857bf06906803e17acc4a755817a8a11a3468d0f91f2b80b3a53fabcfa8043c3","size":453,"data":"","first_seen":"2025-11-13T09:27:03.350738Z","last_seen":"2025-11-13T09:27:03.350738Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/eacc57-Btvfzi4L.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0f429381c32fb07c5467f4dce1af6f9","sha1":"f26697a0efc06885848e3c514c494ce46abeedb4","sha256":"32f8d7192c79aecb878773f18ebd6534c93c3e0ce67037be11655303fcb62027","sha512":"5b4b537c8ad9d6096abc5cd07b9bd731cc2c231fa6d4bfb821dcbf1fbfe7cee982cc4c310c2f897a67c53a4f399d5121ad032fb83b52de5f6eaa37e642bd0335","ssdeep":"","tlshash":"b4f02785bbe06e5a406a129cd156151239a5416392cd8fa1e3790a3783a95dea921383","size":453,"data":"","first_seen":"2025-11-13T09:27:03.374399Z","last_seen":"2025-11-13T09:27:03.374399Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p3d88dac-DL89R-D0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c26f647ddcb58cd5b1deed5ae4a273ce","sha1":"fc498f9bb0387f3efa195d7deb056b390ac3c799","sha256":"88fa2109d106b4b6fe61fa7b4659abe528550fd823c2b31907a09c36968a180c","sha512":"f2e64b1352565e182039049781963ffd0009848acefc4bc3d2c8af21cf86da01d98f75484afd05ee008e8b2b03d9040ea56091bde58296dbe787edbc9d387916","ssdeep":"","tlshash":"573164cc80a2767ce47f07e4816d548da7490bb3eb5f4f94f2bd98351257c90620bb91","size":1826,"data":"","first_seen":"2025-11-13T09:27:03.33016Z","last_seen":"2025-11-13T13:08:42.282744Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/h306ef799-tzyaAXFC.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bca945f9c9ed24ed3993c75cf09c0067","sha1":"7e51a37e53b0b7dda4dbc7b30ecc859c34d1f123","sha256":"9be2357d4bb21bdf5407d87bbe329d7b213d20e554f02d9d157f9b3527cc0d81","sha512":"4d6ed42eef0b34943411e2b646c393f45241b15da20215143dd7a91995348caae83a7678f5732c86fea64227cbf2481f2231f0aac9be048e430fdcc021ef8b63","ssdeep":"","tlshash":"a2014e4f5df95a88c45a10aed25a9390b010013723dc8f6aa26c0f780337f9fb909b47","size":693,"data":"","first_seen":"2025-11-13T09:27:03.36342Z","last_seen":"2025-11-13T13:10:59.517865Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y40b5ef-Bsm1AWUK.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/y40b5ef-Bsm1AWUK.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-2d4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":724,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (723)","md5":"88fdf9abfdbbde63c1c2f2857bfa082f","sha1":"8406c0804a65e3d6b013a5d734a804d6bf1f27b0","sha256":"b9f052108786496eb52962cdffb98432afb6e2400b7c02045c7ad713314d87a3","sha512":"1e03b4887443b710eb4978301fd0c26b61d42a2ef4af009146eb9677bac11eb2efaa07193932eaed53384a0833fb3451f119ef3a455d839a544619c59ba58255","ssdeep":"","tlshash":"e0011bcf8be01668800e31dec26b6117228001a3ce8d8b80b0790a3997c7aeb940eb03","first_seen":"2025-11-13T09:27:03.307736Z","last_seen":"2025-11-13T13:10:59.516252Z","times_seen":6,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/da2bad41-uKiSnrbr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/da2bad41-uKiSnrbr.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:54 GMT\r\netag: W/\"6915986a-1a5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (421), with no line terminators","md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d2f07659e7-DJZ5asp3.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/d2f07659e7-DJZ5asp3.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-be1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3041,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3040)","md5":"b65d4cc8dbb7c487ae18e849a302228b","sha1":"39f29d8a35ce0359772777553a35b3c1f4283a5f","sha256":"f99267d30cbc0464c96b1a9aa2b5f2ef079d600de0b8cc1983e8a1301fca13d6","sha512":"8a9469a5d0993e3d2bc7d27f4afd72c604e205d8705c4e43cf7368c20a0111b9fd43b8707dbed60b26068bb07397b6bb390ddb1487a2e923b256d1d0f0a961fc","ssdeep":"","tlshash":"e051f08fd12610595fe4cfb8bc7926173ae6c22a39c7994863c4e83c41e4bc5227f7a5","first_seen":"2025-11-13T09:27:03.311153Z","last_seen":"2025-11-13T13:10:59.520194Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/favicon.svg","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-04T06:44:39.735671Z","times_seen":477695,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k17f875d2-DHbRTNE-.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/k17f875d2-DHbRTNE-.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-4ce2\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19682,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (19681)","md5":"8b61642511b001c792b86d2174878824","sha1":"1cda68fb0584f5a88f2b9f5149a03aa54ae0d3f4","sha256":"6dfe774772858209ff2f00f957ece02f50a00d3a0485b2bd9a2a7848d9671aa1","sha512":"8fb2e2a54e40fa4d66f772b102afb66ddcb305d4c16186e5db4997a47fbdd66610432110929a82e900815ff48e64ec11655c105d15ee26071809cfac3a1d5f54","ssdeep":"384:kvJZKwb8X2KrYUE950OUToPmhN+VkvOi/B:gJZFMjrF25yTo/VKOi5","tlshash":"dd92eaf0932c51d5d91e07bdea3d60e5a2392effabcd428062a87da5546c2d12e08fd1","first_seen":"2025-11-13T09:27:03.314194Z","last_seen":"2025-11-13T09:27:03.314194Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j7aeb825d2-CnIU5txI.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/j7aeb825d2-CnIU5txI.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4538\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: \"69159869-11ba\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4538,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"30cff9c43d012b1619cc092d54379a0a","sha1":"2ef41df1c08e0a14fff271ae431cc90d806dbdc7","sha256":"58c8cf23b5c2a9e5d4cbc27fd3e97752d2c1fd9afc3ccd161781a4f00ff4cb52","sha512":"8bbc0164b81e626beb98e99bf559e3cafde62860c73a959d0b55f7b4a95bda00292547fa93c11655bacb3aa179dcc5e915d7ac3c4d36dfd00b675d91c703fec8","ssdeep":"96:70zGXtAcXJWW2FJP0JJVjSPuJBNbxxA8H/gFQjYNS3R/:wzYtA6JWWCiquJVxA8HaQk8/","tlshash":"48917d7447a3df09e8b382f2b5470b50cf473db8e644a31a432610de8e5154ed2cc654","first_seen":"2025-01-12T23:36:31.229067Z","last_seen":"2026-04-04T05:49:32.36164Z","times_seen":414,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/efd0446-AhDkcItA.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/efd0446-AhDkcItA.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-963\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2403,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2402)","md5":"424f0b14c00e79cd3c309c52b45905b5","sha1":"64339e7e41a0a0884496c70754d951e8257742a9","sha256":"e08c441583e2732395ae1e23ca20d44b1ec2af9222234f5c479fb1f59c5dd190","sha512":"8efd44787959e4edc519a7407be8a5d33e5cbec01d3c8b68dc7f0fcf857499630f3fd36cea6d6094ccc3763993f26ac3392b412aaa5fe37e4842e59f28a60068","ssdeep":"","tlshash":"5f414303b132d2b15156798fcb61720ef6b097672ae8c5b4fc385c2153ca9878b2e739","first_seen":"2025-11-13T09:27:03.317079Z","last_seen":"2025-11-13T13:10:59.503679Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e1e0e167-BAAl1-WD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/e1e0e167-BAAl1-WD.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-22a\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":554,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"38c7aeb9e17ac0f0195c851389722970","sha1":"538a124c12a4ca98e11d435539677620dafdee33","sha256":"930d0c006fba558e53c60d8b26a87ddc34583e529cb5f17cf7f03e499d494ab9","sha512":"45fde27518d494d96fac6a3a4af08f7b084d11cecb13b58243505f1d923a73fc73589855e5c98a360adb32828cd3913d23ac122c273edb915931ecac87faae85","ssdeep":"","tlshash":"9df08b9a66f05339484d26eec25a95027200422766cd4f94b02c6734577abcee506fc3","first_seen":"2025-11-13T09:27:03.318482Z","last_seen":"2025-11-13T12:06:08.029884Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a377d6ecef-Cv1EggFv.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/a377d6ecef-Cv1EggFv.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1c5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":453,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (453), with no line terminators","md5":"b65fb7d39d547beaaa9c00bdcc818d79","sha1":"39eb58b62b93a4ad2fbd00054f3f1755965dd0d1","sha256":"aba948e3efbc2860f2b7970ea3682734a4b079c04cb56bbffeaba92c1745da9c","sha512":"4ad5ce6ab4215b3d529b195e8735374e636ebc13a89b9429644873dce20bdc11fd4c6333928355f5f36be86b32b01082391b3f6b9ed0acb723066e4c2a01b591","ssdeep":"","tlshash":"1af0a3c55bf53e66813a12edf956ad00b189153783cc0f95e2780f3e0365bce5611387","first_seen":"2025-11-13T09:27:03.319885Z","last_seen":"2025-11-13T09:27:03.319885Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a66c836e-B2E5u6NU.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/a66c836e-B2E5u6NU.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1c3\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":451,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (451), with no line terminators","md5":"bc2e99cceca277a8564a4c5be5c506a2","sha1":"38d2cf078776d2f3cf2bc54739f1341a255b01d7","sha256":"8884537f4719509e438cbdf685d1bfe268b62e65ba84d84bd0add882e502827f","sha512":"cfb520e3aa0362db80b407ff7c5a472dde1a73ca1b8a5c7b6945356eae8b3d147ee9f3018f5c9b709c6d6ce1260c690e3519f85f315a779cd6e19eed95a9f22c","ssdeep":"","tlshash":"89f05c445fe42e9a4039125dc5a6381177cc007797ec4f31f378073a5355ace9601383","first_seen":"2025-11-13T09:27:03.3214Z","last_seen":"2025-11-13T09:27:03.3214Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 768\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=0sylej9pur3l8bfnqwuztf18ebv2n9c; syncedCookie=true; oaidts=1763025994\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 3b582521b893f1f049a53b3ecd30e6fa\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-04T06:46:21.974817Z","times_seen":115067,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k4bc664f-Cqe_qYC0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/k4bc664f-Cqe_qYC0.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-8a3\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2211,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2209)","md5":"4dce5d86bfbb997efddb7fb797ac499d","sha1":"81a6feb665104bc7ccd70eb1cc892e0be37fa161","sha256":"73136d232a12f6e80e3d8b6af999f3be7ddb0997f757f7bebcc3cde695e74ad1","sha512":"c02cb2844d851bb2bd86fc0d8e455bd99394ac10186494973229f94c7debd84cb523c257da379ce81f45605e65fc819d452a39270455a07dd8fb83dad3c4c604","ssdeep":"","tlshash":"9741866971651bbcf00e449ef72cc28af017bb4bd64ecaa0f07c891617198926746f81","first_seen":"2025-11-13T09:27:03.323559Z","last_seen":"2025-11-13T13:10:59.518483Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdntechone.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Oct 2025 10:37:11 GMT","end":"Sat, 03 Jan 2026 11:35:39 GMT"},"fingerprint":{"sha1":"1C:EA:64:D2:D2:27:D8:F8:14:68:7A:01:A6:9B:4E:C4:C7:D5:B8:DE","sha256":"4B:C9:99:7C:8C:A3:85:BD:17:9A:F8:0F:83:73:65:9E:67:73:5E:2C:89:B3:5F:84:D3:E2:5D:D8:FA:8F:FD:BA"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: cdntechone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 11 Jul 2024 10:23:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nlink: \u003chttps://datatechone.com/\u003e; rel=preconnect; crossorigin, \u003chttps://datatechonert.com/\u003e; rel=preconnect; crossorigin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ya4fVzh6%2BcEcXhNp3gx8e7bxPkSXhd0%2F9LeL6KEbfjRBUcs3SLfNSkiBnl364eZFR3YiCNZ7t7WdxpQHPQ9LPhPwAg%2BaUm9h9RHoFvMo\"}]}\r\nage: 1398\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"668fb2b6-406a\"\r\ncontent-encoding: br\r\ncf-ray: 99dd3a6e2a2849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16490,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15840)","md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-04T05:52:39.381019Z","times_seen":9008,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":29,"dns":4,"connect":1,"send":0,"wait":9,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 605\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: c401c76924b194be7841dacdc07c3797\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-04T06:46:21.974817Z","times_seen":115067,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ed0c1c53-CGqZr15h.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/ed0c1c53-CGqZr15h.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1c3\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":451,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (451), with no line terminators","md5":"1bd9ca1e9d7fadeb69ea6c97469b7795","sha1":"b333a55b90bf31908c645a8c17248bc1124d000b","sha256":"1eef32db82bfc1ba6f66f713ba65184f820e825299eee2c56bfffb9125cf9098","sha512":"8ef162932d6e23b59626cf41cfc4bfe1c2a3c1ed5e7ec3a5df1161ebf814a9dc7b3a641ff0166d9548265ca88c8a5abd126759c830adc42677063e42aa27255d","ssdeep":"","tlshash":"e5f05c456af14a298226129eda5698413a9451375bac0f6191bc0a3a53646da9d02283","first_seen":"2025-11-13T09:27:03.32579Z","last_seen":"2025-11-13T09:27:03.32579Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/favicon-96x96.png","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /favicon-96x96.png HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-04T05:07:39.986482Z","times_seen":16120,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/u884c8a61-xgQidDvD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/u884c8a61-xgQidDvD.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-c31\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3121,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3111)","md5":"0924d961f4bbfcfbf2947b182ee1b0f6","sha1":"99dbdd2e5159fdebdca0a5e3109c9018e02c20cc","sha256":"41d494ec67afd9ecc468bfde1ede08a35a77e9fef0ef63c72ae3365ead0b4cfa","sha512":"956631a8164513c55ce233c11d32d0bbd7580d87709871b3a72466126e424ed98a73c7a15096aba12b22781918e4605beb94c5329ee911857562b4859ac242e2","ssdeep":"","tlshash":"db516859b0b27b7c743b1acce52d5c42f30d2b599b4d4e80a13da8311a940d57f1a3ce","first_seen":"2025-11-13T09:27:03.327808Z","last_seen":"2025-11-13T09:27:03.327808Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e1004ad47f-DBISZBks.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/e1004ad47f-DBISZBks.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-404\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1028,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1027)","md5":"1afd1ff9d9756c9810699c10ada0b6ab","sha1":"413ce7e6994bd0326caaa6be034c74966011bb14","sha256":"05fae1a340893a17bd934f1e7e66f35ad46e0cf061f7b3fa67b2340c5124b501","sha512":"f3b789f25a3ea03c1a7b3ecff27025d17d1abfcffa60bbed24eba9570d75293bfc76a8500790d5de5655a65bd46f15947962f2e31b0d8f7aeaac9a15f7357641","ssdeep":"","tlshash":"3411728f85e0a230881212eed38fa30071210987738d8794923e4e280b22c83e815bdb","first_seen":"2025-11-13T09:27:03.328942Z","last_seen":"2025-11-13T13:08:42.30183Z","times_seen":3,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p3d88dac-DL89R-D0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/p3d88dac-DL89R-D0.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:54 GMT\r\netag: W/\"6915986a-722\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1826,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1825)","md5":"c26f647ddcb58cd5b1deed5ae4a273ce","sha1":"fc498f9bb0387f3efa195d7deb056b390ac3c799","sha256":"88fa2109d106b4b6fe61fa7b4659abe528550fd823c2b31907a09c36968a180c","sha512":"f2e64b1352565e182039049781963ffd0009848acefc4bc3d2c8af21cf86da01d98f75484afd05ee008e8b2b03d9040ea56091bde58296dbe787edbc9d387916","ssdeep":"","tlshash":"573164cc80a2767ce47f07e4816d548da7490bb3eb5f4f94f2bd98351257c90620bb91","first_seen":"2025-11-13T09:27:03.33016Z","last_seen":"2025-11-13T13:08:42.282744Z","times_seen":2,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k79c8a71d6-WUggEIoU.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/k79c8a71d6-WUggEIoU.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5004\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: \"69159869-138c\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5004,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"eb0e8d921b8b8ce75be4fbe630ebaa82","sha1":"d4817274b33ef5ac7cc350babbc77f1fa84c5fbd","sha256":"6f83342ed01d498e4c79260aa1f8818a10430300b8cf9862056c73b8532b268a","sha512":"eb5ad49f3375a60f54cf486066d634d1ef74138e2cf747a1664fd717fad7bd36f6b1a84a021b647096b35d8a9b1f368dfdc9f90293843dc31503b07c8f617dee","ssdeep":"96:D0zkkY1s0tgj90I6RiNudHj7nxiBOEZz8Vht4kkt:ozQ1i6iN2DbfEZ8tk","tlshash":"b2a18e3dea92feadc03743b89344af75f5841b6647d4a3ba12cd540dc6c8e44f6481e5","first_seen":"2025-01-12T23:36:31.206085Z","last_seen":"2026-04-04T05:49:32.3476Z","times_seen":414,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 483\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.ak2yy.com/clicker/1866/pt.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 9ef706cf51e7c87bcd87c17212d6aba3\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-04T06:46:21.974817Z","times_seen":115067,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b58f8a85f-C401tf5V.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/b58f8a85f-C401tf5V.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-2215\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8725,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (8312)","md5":"79ea9c424a6c78694d2404e92d5fa922","sha1":"2a6e41f043c4d01f610cc1e2c50f8c96ae91dd09","sha256":"16b57d13fa60ef39715d8abab2e86847f26fb87373935ed70e91ceda3e9f7a7d","sha512":"fdf81e054c928976dbc6baf5506e9935d25d48492eb6f4655785152a2cab978e8de87ff0cd6a023c7c24ce61d06a5d701bfea3e4e86b3011d11103210225ac80","ssdeep":"192:C+cUQ6LacsmT27YSNPYmRwUdfkQQYiESpJxr3ceQzez8L:C+cUQ6LacsmdSpYmvdfkQQYqxr1QzezI","tlshash":"b4021a4aa1700bbe64074cf8e5f5e00643349b46d64fefb8f65d4a2926e8204639f7a7","first_seen":"2025-11-13T09:27:03.331759Z","last_seen":"2025-11-13T09:27:03.331759Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c6060f6e4-C6xMlk7B.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/c6060f6e4-C6xMlk7B.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-f828\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63528,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (38455)","md5":"9ea99df47a64bea9628b461545b0b648","sha1":"5d444f10bb7402874fceb43cefedc13c83f98b56","sha256":"d918dd859499ba7eea20463de58a9ca3609b9d50fbea484cd235725408fda800","sha512":"ee4e6a2c577f55234389faeb783ffe69d9bb8b05ca9c714da8d45b6f92220533009a9699b0120359097b2999fc4731c1b37e521405eb49ba5adea5389c079893","ssdeep":"768:k65FCDDOqykJ7QNp4N70H1KcvXCyLHWxA9k/eWj8kcj6tKwtZHNMSgz6lDNwnfZG:k0eqs7QX4qz4PNcj6ftZHNMSZh","tlshash":"0a534a687056203a03ef51e6e0bf6a4bf2356912e48dc644e316cef06fb469d4267f2d","first_seen":"2025-11-13T09:27:03.332919Z","last_seen":"2025-11-13T13:10:59.501122Z","times_seen":6,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y29349f-BQZrw-Tm.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/y29349f-BQZrw-Tm.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-677\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1655,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1655), with no line terminators","md5":"f1ac7bb1e593a43e6e691e2a744c6457","sha1":"a2dfc5862bb1e18cf49623ba7d09032a5737bac9","sha256":"0d23c801a5e2c3c58a086fea65991901ea02ce788b3f048625fa2a0e7a245556","sha512":"47d03ab77d7582d6252271f9311c9c7c69f3d6eb1af894b972dc289cb7e2f2f233e0e3ea92c1cd51e7dc13a9ad4d6855c17836d9fa0c9da4daa74b36b668ba58","ssdeep":"","tlshash":"2c31b8cde91097acc8396daec31d05112f0a236b139acb41e2fd383a23456c8b511f53","first_seen":"2025-11-13T09:27:03.33418Z","last_seen":"2025-11-13T13:10:59.508706Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?userId=0sylej9pur3l8bfnqwuztf18ebv2n9c","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js?userId=0sylej9pur3l8bfnqwuztf18ebv2n9c HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://cdn.ak2yy.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0sylej9pur3l8bfnqwuztf18ebv2n9c; expires=Fri, 13 Nov 2026 09:26:33 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 99dd3a6e3ca9b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3479542a3516a71559d5af8d70794074","sha1":"d33d42eadac709dece45d6a924d211a5b087889d","sha256":"50c6227aca75b4bea04a03c011389d9b40d46f32772257affe575a1b58462e71","sha512":"94d3c89f1f95cab18222710c7cec01c17e13dd69c0a3f1eb52229ae57b8bbd55f987573da162c035822cd9da85e12a0dc0373943e4228175c3320723e5824398","ssdeep":"","tlshash":"38a002c0052815ca3c505b165e6a8b01940015855c44935865d4505219da69f488a6d4","first_seen":"2025-11-13T09:27:03.335315Z","last_seen":"2025-11-13T09:27:03.335315Z","times_seen":1,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":28,"dns":1,"connect":1,"send":0,"wait":45,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/fonts/ef9f0e0f5104d1b1.woff","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/fonts/ef9f0e0f5104d1b1.woff HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cdn.ak2yy.com/clicker/1866/pt.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/font-woff\r\ncontent-length: 56576\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: \"69159869-dd00\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56576,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 56576, version 1.1","md5":"5124fc87f7e66441db795a8912043f91","sha1":"9b5c62e91aa66a514d484f39b22e7ffc9381cc18","sha256":"a2aea7fa4bd1d898403a770bc2a4ff45e48254f81be851732df29e8437414041","sha512":"f969df99917bfee75a09c50e7016dcba4446775b92a5263d3aa678202961baf2bf4d395711663b95f4a47add649a91e86a58a4c742a4c1f1081d68fcdad9cec5","ssdeep":"1536:lhPdeGApA3bIFUVp+DLy5lZQK4EtEglGzIQeVSc:XlexpAEFUpWL2ZNjUYSc","tlshash":"ea43f24e9ecd710fff8a7ab7d998695b818f6094866e75c33141227ef839280d4b6306","first_seen":"2025-10-17T10:36:57.958595Z","last_seen":"2026-04-04T05:41:17.511677Z","times_seen":886,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/o039fc38e-B8106jTh.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/o039fc38e-B8106jTh.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-abc\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2748,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2747)","md5":"063fd9f727495f637b2d608932235a47","sha1":"89607ea67fd03bbfa054eec29cb72bec132d1b1f","sha256":"f8b28017cefd3b9e17c2723ad4904890694968bf995a0b366f9f907f01ffc240","sha512":"dcae5894ae991f4af583fb11bc80f7bd291f7892db4813e5af743a019eed1b11be0010440e57eb7ff6bdebd3c41d4f9d2cfc5623e43cad7b19d309e320d95c8a","ssdeep":"","tlshash":"3751dabf44d8a8b9094cb1eed63ad1622e1828533c1dc1e1a57c4d2e17d3496e03df67","first_seen":"2025-11-13T09:27:03.33724Z","last_seen":"2025-11-13T13:10:59.515073Z","times_seen":6,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dd765fe-CKTJVBWV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/dd765fe-CKTJVBWV.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-e97\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3735,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3735), with no line terminators","md5":"4ff839a9575c692a3ece3da58549bc39","sha1":"c47a16755642a54b6476c5c4d0cacd7c56a257c1","sha256":"1dff6d4e33f04620b0cbe8136cb190a3d2d83220bf03e024b5b15bc71d73e62c","sha512":"379393bd8ebb86035a820273702aa9aae423a539240da3ec9203b71ec2c8ca982008caf5ab580a813680d6ef1ce906459bbc4dfa59a336f4cf71cc6c6abeb155","ssdeep":"","tlshash":"df71d8cec9e9c534519f31df11281220b6b94f1b742d8394a07e4f398f5ee4ad485bab","first_seen":"2025-11-13T09:27:03.338416Z","last_seen":"2025-11-13T13:10:59.522114Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/r8675a519-DcYllDB-.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/r8675a519-DcYllDB-.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:54 GMT\r\netag: W/\"6915986a-896\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2198,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2197)","md5":"fe5e998704400adfc517957a2e7ee708","sha1":"c01831eab690ed555fd442175f8ac22952322a1f","sha256":"25eb428ccf5bd962fd2cbcb5d0530490680235710d63c6a86596941f9d5b47e1","sha512":"d11aa325b24b3d08343743ffc6141148b26198ef155b3189faf4426270f473b7ff41b690df9a13fab50e0a6c3876a4c89e1a48c53b0c36acba2821d53f232a95","ssdeep":"","tlshash":"f14194ad81f5c564c1a52bddc236f93231a98433345dcfa5e27e8e3157bee8140b4636","first_seen":"2025-11-13T09:27:03.339715Z","last_seen":"2025-11-13T13:10:59.499783Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f0143f9f-Dpz7cNiJ.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/f0143f9f-Dpz7cNiJ.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1644\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5700,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5467)","md5":"10007ce26d126610e7cfc87d8cb01663","sha1":"9292129f986a7c93d4fc43dad1e0839a26958c87","sha256":"f2f05e1c866b28f2921feb68d6af078681280c63d7eaf236f8129032b8101455","sha512":"ae3b0208ef21c329f82f213b321b56b62f3f93db20bd321ae259dc87808a8070df6f0208344d011d6a81ac82e63227d84d4c0ee2d4e006cb6c1d8680ab61f2b0","ssdeep":"96:jpLaccBzN0kW4a3Ies+NjHA9w5jfj2e7D3fiytNn6ijpGQxeL:lLacGnW4EIeNLAybtvdn3JS","tlshash":"16c17458e2791668b02b5ddcc33a521767393363a84ddaf0e47e2e2113c6b8057c66e3","first_seen":"2025-11-13T09:27:03.34089Z","last_seen":"2025-11-13T13:05:11.184581Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/aa48384ce-V0KNdAcC.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/aa48384ce-V0KNdAcC.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:54 GMT\r\netag: W/\"6915986a-81d\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2077,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2077), with no line terminators","md5":"8e21da4db648846fbe86261488333cf0","sha1":"deaa31275178d3dc8970fbf3ee924c57dcfb8ca7","sha256":"8e3c6a768fea53ac53f4df772b525ac83857d5e173906d88341add6975aeb11f","sha512":"42af2cc1e0d38b30bfc314a87e687a1bbd3228932525dd2aae1111a7a38ff9a0563ccee8c1931c5bd7039ecfbab4e340547685f2e7d891313f84830a4d01dba0","ssdeep":"","tlshash":"e141758175f55074c5a12dfec1101222b1394a53379c8697a26d6d341f6bd45f42bf33","first_seen":"2025-11-13T09:27:03.342263Z","last_seen":"2025-11-13T13:08:42.306613Z","times_seen":3,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f1cfaf41-BU8O8_VT.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/f1cfaf41-BU8O8_VT.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-3c1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":961,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (961), with no line terminators","md5":"1dfb4ea823f69479acbc436f26823acb","sha1":"47bc91b68144389e4908adfa3ab635a492aad3ec","sha256":"167a6b9b4579952bbd4e28811916e64c927e67bef65b002e4f0fd57157bdd490","sha512":"9b57e53a14a3a85190e4227467368c30752a728d01b85c4749d6d022c622b3c9c15c723a1d4e60b32c26587d79ef6fea526c1d010a20f8fdd86be26e6d67ed60","ssdeep":"","tlshash":"8811504f0ba0c055c00578fec70b6610762240a713cc4f91a0ac0b7d4b666a9d919a63","first_seen":"2025-11-13T09:27:03.343479Z","last_seen":"2025-11-13T13:08:42.28679Z","times_seen":2,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/z1d1e4bb-rxX3ZVG9.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/z1d1e4bb-rxX3ZVG9.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-ca4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3236,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3235)","md5":"0a7b2fbcafd64d32bf8ad78634d83682","sha1":"ef66d3f0b36d59f4dfb8931ab21e8df4a9e55c58","sha256":"4d89008c2ac368e311fa1291500199c4a4f6e61687fe3e7b8676fdb88f86bda1","sha512":"92ffc761130a0d7ff0b2ce24f094baa6a4d1958ab80c793723e4a5d99d3e49d523fa84936d60052583c1424f21fd6105cdb89df1cd54e05748d1ac85d4794b30","ssdeep":"","tlshash":"b261156967fa3b6f4ca92b7a524dc10e0a3d1d0ba489c6346cd7cb2cfd5058c78b1b51","first_seen":"2025-11-13T09:27:03.344736Z","last_seen":"2025-11-13T13:10:59.50923Z","times_seen":6,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 552\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 605b555c56d84b70cdcf7f1c62278aa6\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-04T06:46:21.974817Z","times_seen":115067,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ec051de8-BtFOH8JM.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/ec051de8-BtFOH8JM.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1c3\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":451,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (451), with no line terminators","md5":"8e29f232656901574efa9b502cf74692","sha1":"de62adc7ae3833667d5524c264fb7a316f30998a","sha256":"5fa40d44487dc1e7b177d7e860763cf59a18f5c2d2577802475bff3c15093b12","sha512":"6b1a3769c1e2b4d158e72872b43171b16614042ef11d3b5bc7370cadd4d6df629cf15751d455839765bc2b3bebe522454bfff90d8ccd0d2415afcc256f975648","ssdeep":"","tlshash":"bdf05c499bf83a09413d635cc9965941739d0077628d4f51d3bc073b9375ed95c10387","first_seen":"2025-11-13T09:27:03.345978Z","last_seen":"2025-11-13T09:27:03.345978Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dbe0281c8-NRW6C0KV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/dbe0281c8-NRW6C0KV.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1d4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":468,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (468), with no line terminators","md5":"d372fbadb1cd193311c8d3d18cd33886","sha1":"a09f67e412f38b999a7c5f56ce8d3c74333a4a37","sha256":"dcf990b897fae76b2669c04fc86d235d66e4879defdd4303dcbefaa4053cf8e2","sha512":"bc835efdae9ab0cb4d1f6e730e9661315f26c70d2d09c8185cf34165d28f31365ebdf1cb05cbf1c1115821d55e06f77e3ff1e59fdc9e77996168000a074a3ad5","ssdeep":"","tlshash":"bbf0dccc1ee042ca810a23ccc2637d01358485e3569c8be1937e07392746ecde830347","first_seen":"2025-11-13T09:27:03.347165Z","last_seen":"2025-11-13T13:10:59.510884Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d47635c6fc-DmdQv4bP.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/d47635c6fc-DmdQv4bP.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-755\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1877,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1877), with no line terminators","md5":"5c47c4539cdae3980bc407b25574b7e4","sha1":"c105c802e3b7140c6a0d794fddeeb90295d09cd6","sha256":"5f4a7ce256c458e63e723ce020589a1948487b093c650d3eeff79ff0015ed18d","sha512":"b6f74f70f170f677bc2cbc5ed60bdbbd4d80157e80718e99c296803faee8b09bf8d4121aeaca51e2c43f9a27da9ada1ecd6453cc88216531d53f4d462e0045c0","ssdeep":"","tlshash":"b541b7ed48a88c34b1ce4199a6395a0227b5160338e55e56e17f8ab0035cc8f871ab3f","first_seen":"2025-11-13T09:27:03.348578Z","last_seen":"2025-11-13T13:10:59.528732Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a4625f66a-xdpTtXRe.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/a4625f66a-xdpTtXRe.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-2cb\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":715,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (714)","md5":"4c68c9ea2439cd777ceedb5f0518c141","sha1":"97d51ffe0680cb9365ad6b53486ff29dc7b35887","sha256":"9fe5578a326037b17d2e56e7b482ae92f53145cc48eb4b3aab9271b6e9783f71","sha512":"c5707b411eed2ef4996b73852509cbe6af1a70bf044f564729c8b85bd1fd68ef42c47ac0d93784c91cf5c41cdeb179ac663d0de5a95676289724efed2d596017","ssdeep":"","tlshash":"570115d966f17b1ac12c2bded229640171040496ebccdbd1a27c9e1a83c51d566a0b16","first_seen":"2025-11-13T09:27:03.349751Z","last_seen":"2025-11-13T12:06:08.018336Z","times_seen":3,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/t9f5a84c94-Bs7ys1-0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/t9f5a84c94-Bs7ys1-0.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1c5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":453,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (453), with no line terminators","md5":"63beccde663d51dfe4a1e48090044a14","sha1":"104db1a82dc0bbdb75935c9787f274f7ca8bb061","sha256":"7057aa04a5211a31af10c7b6b8323846c2ae340380536e51fc9c05cd566d3643","sha512":"97c0cad5c837947ffe50782783654c879f28405d8d268562e6e087d05504a2f167df06516808e155992dd7f310ea1ae6e5b7ad733ffbb570a17cea550721b627","ssdeep":"","tlshash":"87f05c857bf06906803e17acc4a755817a8a11a3468d0f91f2b80b3a53fabcfa8043c3","first_seen":"2025-11-13T09:27:03.350738Z","last_seen":"2025-11-13T09:27:03.350738Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=f6793285-8895-4d46-8a7e-560c0bcd17c7","fqdn":"datatechonert.com","domain":"datatechonert.com","tld":"com"},"ip":{"addr":"139.45.195.253","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"datatechonert.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Dec 2024 00:00:00 GMT","end":"Tue, 23 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"ED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72","sha256":"A3:45:F2:05:D1:B6:89:92:B3:05:C2:75:20:48:5F:3C:AA:EB:B3:A9:32:5E:CF:38:C4:37:CD:C0:B9:57:CA:E8"}}},"request":{"raw":"POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=f6793285-8895-4d46-8a7e-560c0bcd17c7 HTTP/1.1\r\nHost: datatechonert.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1344\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Thu, 13 Nov 2025 09:26:34 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://cdn.ak2yy.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adb4650bfc9d2a73d4dd69583b0ceb14","sha1":"1ce399d6e936232aaf2192cd7903a279c5015f22","sha256":"21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed","sha512":"3fbce22572bbed1aada0f7c6706f16a97e7c0ea132dfee1a7eb80f5e68da1cc63c891a5bc3ea8e87f0c97be3002212a0efbb2af9553acb45e0d447a685cd805b","ssdeep":"","tlshash":"436000000c3000000cc00c0000c00030ff300f00000f00c0000c00f003030c0c00c000","first_seen":"2023-04-05T07:30:31Z","last_seen":"2026-04-04T05:52:39.374236Z","times_seen":55974,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":114,"dns":10,"connect":26,"send":0,"wait":27,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n02f8263f-C_kRPHmT.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/n02f8263f-C_kRPHmT.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-3a1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":929,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (928)","md5":"aafe321ffcad0046959bdea85e2422b3","sha1":"30359a927dc69f874d87fbe9dad00efd1332e9f5","sha256":"d33019bd2d04207c30665ce63ba4421a93ff2d99ccd4acde796788b81d17167c","sha512":"7ce16701bf3c984e07eae0616f8d2d3af3c1a877c882a4bbac86910f1a27b2ae92ab23cb2c2d66f4b5e4f4ae1619626cb6f8aa0967c56335911eb4e65f3d9375","ssdeep":"","tlshash":"0c11d04f45e0565981ab29ded719a111b55504b3278c9bd2b6ac0f7a0733e826225f83","first_seen":"2025-11-13T09:27:03.352635Z","last_seen":"2025-11-13T13:10:59.515567Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p4b36fc9-D4YP7fNl.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/p4b36fc9-D4YP7fNl.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-54b\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1355,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1355), with no line terminators","md5":"453c7fe6e3ea291b14a9542d62c3b2f6","sha1":"790b839050554e36357ebc85ded21847970705b0","sha256":"9d525141d728e9c807ab0e2b07c2f5ea9793e1ba91b06044295bafff68c28e71","sha512":"857b3c00512cddb5abcafe20c64e60800a198a718a700953bbc6b823e8ea66f49ba6243193b360025400c68c2b547de079935ed134244a1f422914291a6e0773","ssdeep":"","tlshash":"83213381b2f3e0b80bb5169ce0273745f554492297ccc7e0b1aa16761ed8e9fec3026b","first_seen":"2025-11-13T09:27:03.353725Z","last_seen":"2025-11-13T13:10:59.523372Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/u7d966fe-eYIaTG1r.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/u7d966fe-eYIaTG1r.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-14df\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5343,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5343), with no line terminators","md5":"36ce9b003c0ff8b32a6a2a4a022d20bc","sha1":"6f3a619d928083cbc0ea56158d14fe43aca6a426","sha256":"d3f3e969f50c5cdbcd892ee94af573a5aae964f6cd883798978938e89e8593c9","sha512":"4f464fe2e9c30685d9f4f4f3337b22a62f6a813b71e9412b09aeab9063ae4875d62fb956b7affa6f9522fab00b56f8f3c62ddc65a18d89ec5578bcc83a6ad966","ssdeep":"96:xoRatOb/QIlnnUjOfeI9YTGDQjgHQjski8Qj/zVzxJC6M9ysxmgUV+sszEQT9MQF:eXDPntfeI9Yan/8CzVzW6M9vxmgUV+sE","tlshash":"d2b1b5c5d0a9dafd0def9ade2490d16273108e037c4bd934f2a54c2a27f9c0661ab75b","first_seen":"2025-11-13T09:27:03.355043Z","last_seen":"2025-11-13T13:10:59.519577Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/o636bd5eee-DcsRKFGN.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/o636bd5eee-DcsRKFGN.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1c2\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":450,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (450), with no line terminators","md5":"dbc0e1ce67b5711a0d7d3f737983b33f","sha1":"5f62db73cfb52d9600123bb0531fe34b3714e9f8","sha256":"21b0b59462cd695f1e7e86127e0aee38768b6ab7243ef8aeaa0a5058dd8de73c","sha512":"14d413ec02954d819dfa9550009129feb46c1cf7e300a2a939120d14a528628f00d9d1b96846bd375f20231abf8eec14999baad90953863e7472c8f4e0f383fd","ssdeep":"","tlshash":"c3f05c4876b05f1d4059229ec149a4617ba80273978c5f11e2bc0a3a43b9ade9954743","first_seen":"2025-11-13T09:27:03.356678Z","last_seen":"2025-11-13T09:27:03.356678Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e587fec-Ce0NAr8b.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/e587fec-Ce0NAr8b.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1636\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: \"69159869-664\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1636,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5a1adcee8a49f5914328c4e2d64e63f1","sha1":"345da1a9fd93368a561aa05f7f1441dc14667127","sha256":"3dfd33d676d8ef7f093a3baeac061ea7fab7b3ff8d254daa99dce64441c71571","sha512":"7568a1fffe2bbda318bc956796aeb4894748a878275094a3b1d4d722d1ed280db039e7c3f54b68bdae9a62feb890a3d763d8ca66450bac0d01a89b06764fc9d7","ssdeep":"","tlshash":"4231b53a17050f07d5b00bbe96501729af5b3e734ea9c2ab564144172f818d4ed28ae3","first_seen":"2025-01-12T23:36:31.203165Z","last_seen":"2026-04-04T05:49:32.331347Z","times_seen":414,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 907\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=0sylej9pur3l8bfnqwuztf18ebv2n9c; syncedCookie=true; oaidts=1763025994\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 09a6d7e088121b931f1797c0ba989874\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-04T06:46:21.974817Z","times_seen":115067,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k756e54829-u9LjOs7A.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/k756e54829-u9LjOs7A.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-e7bb\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59323,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (59323), with no line terminators","md5":"9a3786e3bd35b8845b7056b7a40671ae","sha1":"eb38f3bdbb4f6e66d089a2d678926fcf0911f34e","sha256":"819461ec18010d2c4e871713a5683bc76506f291c2ae4ead39ed9f32ed04bf62","sha512":"0a0b8f1ac19fdaf1cd005a7ed59a08634fc7fe003464dd618ebfb4d5dbcabe91c6ac56933095708e167e6afe6283c811c7b57ec01ce165f450676e45e7e689f5","ssdeep":"768:6kVirOw/oDfftqxaIIjv0hM6CBInlCYDeYsMiBATx+E1lzXf27dorO6DdK1aljeP:NVvw/fBhOATx+EznxRuxJgfPwGi","tlshash":"98435f9ed2529fe989b31788b95c2a11b22d0d0ded4991a0ecdf0f16176ec87213b79c","first_seen":"2025-11-13T09:27:03.358565Z","last_seen":"2025-11-13T13:10:59.506449Z","times_seen":6,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bdec51f-hCDJ_I20.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/bdec51f-hCDJ_I20.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-10da\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4314,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4313)","md5":"454572bd93adff89940947001c66a857","sha1":"57161a83f6230e42cf5894fc62fea03ac9ee46cc","sha256":"a23de7211ee9464b08ac3370b745bb3ecf7d8fb4baf6c359b99e06b3879e2cbd","sha512":"93cdedefb94fef706afa3e65ca2f5d9f1731aa7f5e86f86b512f75536a672fb5002606e21d07d405ceb2ea474357246bdc02a00158020e514cbd46b66cdda962","ssdeep":"96:xD1cWUzz6zuxzFo4Bb9QQMqgNSWkSxy/NSxRq2:RUzGSzFXB1BlZOyNYg2","tlshash":"f491048fb87920fc7a97c6dda173e593163725061989c1b499d74f2807a0285a33bb47","first_seen":"2025-11-13T09:27:03.359938Z","last_seen":"2025-11-13T13:10:59.510384Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a6ecc7f7e-Cv6ZcZSr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/a6ecc7f7e-Cv6ZcZSr.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-5d3\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1491,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1491), with no line terminators","md5":"fcf41de47c50a4b41252c8d9aba4b4d2","sha1":"3fb999f9268e3e36f5499b35509dbc9b2c1e356e","sha256":"07de05cd154b00e8c7cee4041e11fc3feb988462fde55d94984f3fe06c7f28f2","sha512":"d85c7dd09dca22b752b61c0d29a8dc02ac93b132fba52e6bdbc1a8a4c01d3f4eaad98a4216367da6ff43bbf3cdc3f694f160725f52070e48e1e04a1a31c5ec38","ssdeep":"","tlshash":"c23147ccd5f0a2f981da05fcd15ce92123580617a354a6d0903d8f18472dfcf6117787","first_seen":"2025-11-13T09:27:03.361077Z","last_seen":"2025-11-13T13:08:42.313399Z","times_seen":5,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 842\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=0sylej9pur3l8bfnqwuztf18ebv2n9c; syncedCookie=true; oaidts=1763025994\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 2a5723dea6eb8d467f81de3c8473aaf1\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-04T06:46:21.974817Z","times_seen":115067,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e1e8e87e3-4hZDrZBc.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/e1e8e87e3-4hZDrZBc.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-6da\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1754,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1753)","md5":"0429e0bff7e7496cc57434fc37787a32","sha1":"91ff1c56df6de272477456e65ff0ec1f0913641f","sha256":"734e7c41348b3a17f48e2c4ca6c13fe16cb7504221ff7040515aa814a543e48b","sha512":"fb3d33e06d3de0eb64af643ffe9579922667619d88921892a0fb88aabe10a149bfa0e1edd2e092531f5403a9b4a6e177d436aae85b21db3067e5c84a23e880b6","ssdeep":"","tlshash":"3c313f8d32e12971819924edf63b3181b17b1066714e9990c13d8e373f9dccbc6b1a8b","first_seen":"2025-11-13T09:27:03.3623Z","last_seen":"2025-11-13T13:10:59.507685Z","times_seen":5,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/h306ef799-tzyaAXFC.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/h306ef799-tzyaAXFC.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-2b5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":693,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (692)","md5":"bca945f9c9ed24ed3993c75cf09c0067","sha1":"7e51a37e53b0b7dda4dbc7b30ecc859c34d1f123","sha256":"9be2357d4bb21bdf5407d87bbe329d7b213d20e554f02d9d157f9b3527cc0d81","sha512":"4d6ed42eef0b34943411e2b646c393f45241b15da20215143dd7a91995348caae83a7678f5732c86fea64227cbf2481f2231f0aac9be048e430fdcc021ef8b63","ssdeep":"","tlshash":"a2014e4f5df95a88c45a10aed25a9390b010013723dc8f6aa26c0f780337f9fb909b47","first_seen":"2025-11-13T09:27:03.36342Z","last_seen":"2025-11-13T13:10:59.517865Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b7eaf61f9d-DjCnIZWv.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/b7eaf61f9d-DjCnIZWv.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-21bd\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8637,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8066)","md5":"029038f9b712acdc03df598ebe3c9ed9","sha1":"3dd5a3c3b9db49a6ccc80d1f74ae8e81137b0491","sha256":"f10d013b63b32a65ac01e798ffb6557998f74ca1486a548f3632333bb30d13a8","sha512":"de2d48c153312be2662c35adda348e9f755291f800ede33d942c3c52f99ca10eb2d1f02146d2fcda0fb242e57bcc27d619340f742bd7b71bb03defdc9c372b08","ssdeep":"192:CcU8vLaEamMqaSOU/Q0m8FJ1yloVwYUcDIXZkTOFHqjFV1/DwPVRdQb/JUSZS+gU:CcU8vLaEamMqaSOU/QirTUcDIXZ5HAVn","tlshash":"23021988b0c72d7cd0db8cf9a5608429b63f0a1ae55fc1d083ae6da80195d4552f7f8f","first_seen":"2025-11-13T09:27:03.364606Z","last_seen":"2025-11-13T13:10:59.527975Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/s3842e4a7-CH5qbzYO.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/s3842e4a7-CH5qbzYO.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:54 GMT\r\netag: W/\"6915986a-11e56\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73302,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6ad5cf98676fabde43dabf1f08cb8744","sha1":"7f21025081a2f79f603b281b0be09a48c06c1405","sha256":"2e511987bc86daa865d91f790d100593313770d853f3a641339c1aed551a881a","sha512":"8908d168542377a2532317b1136a878f3502f30b4897ecf5af94037f8bf22c215c57128c70204e35156d1d874f44f5d60a341b6b744556f5d1bca783ff13b3d4","ssdeep":"1536:sr2RivKGOUC9dpjXOnlVS+NLcgzAyOx+XuPqTeJcvmzhMQ8:siRMnlM+NLcgzAye+XuPqKJcYR8","tlshash":"e763f98b3391a1145ba9409514ba0403e399fe9e705994d4f6ee54cefb8ccc5f27bb38","first_seen":"2025-11-13T09:27:03.365842Z","last_seen":"2025-11-13T13:10:59.522723Z","times_seen":6,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fmscc.com/sync-do","fqdn":"fmscc.com","domain":"fmscc.com","tld":"com"},"ip":{"addr":"172.64.150.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmscc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 13:55:05 GMT","end":"Tue, 16 Dec 2025 14:54:56 GMT"},"fingerprint":{"sha1":"E6:8A:4B:CF:E6:3B:CF:3B:70:A7:E1:11:3D:1A:58:43:46:06:D8:0B","sha256":"9A:82:A4:B0:A3:43:41:ED:F9:BF:23:D3:B8:BB:71:E5:D9:70:B1:88:71:0D:04:B3:C3:72:8F:DC:C0:D5:DB:2C"}}},"request":{"raw":"POST /sync-do HTTP/1.1\r\nHost: fmscc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 240\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncf-ray: 99dd3a70892775ab-OSL\r\nvary: Accept-Encoding\r\nx-trace-id: 96540b2c140161d5fab2ba065a8dd5d0\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: https://cdn.ak2yy.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=qZCtAyorJENg_Z7Z1eLLugtEA6DLx42gM973bLqK07M-1763025994-1.0.1.1-wBUGcT_VK7LQN1tGJYUSkOs9s.bjuxpRN0gQdMGDwwuAFgVFDxQxV9n_3WH3k.MY9vRARVh5C86dsPYKuQZM4y3_KgW6VOiygEG05Ftho5M; path=/; expires=Thu, 13-Nov-25 09:56:34 GMT; domain=.fmscc.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"71b87650dcc098099504aeb500d83c82","sha1":"1a9643d9c5e52dc826dcdf45f4c2a75fffef8200","sha256":"d3a8cc67680cef1603b26de64be9e21c5dd27db1dd97a4e1b1a70d5b88a6f17e","sha512":"f1e5d367ed2dc04649cf4254b84614c1923476ad5a5be2f4ac0b63508644bcd3b0cae06fd98799b5b7c2c2cd6e8d5783d2bfc81f4946b09512ef72daa2c82daa","ssdeep":"","tlshash":"bad05b1e560d18ffc90119cc39d125d4bfc3c1053ca88c86c043cd5a2bc134104367ce","first_seen":"2025-09-25T10:53:06.771626Z","last_seen":"2025-12-08T15:00:55.832251Z","times_seen":96,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/v0bee1dd66-Bi7RQSCs.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/v0bee1dd66-Bi7RQSCs.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-22b\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":555,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (555), with no line terminators","md5":"3fcb621065d377b75a01076a4f9d537f","sha1":"8ab00f71164113e2b23444c16971d9bf261b8ad0","sha256":"b805809c03ece2fe0d0c6d6626da19981261e1acb8e28c94f4f5387fd1c81040","sha512":"8baae85cfcc463c847cbc081091029d6f3f5918f9e4e563cd82e5c798f68979c15209d2b30a3534d1364f5088c6e9af4989a326273bf8d62f3663d69b7645338","ssdeep":"","tlshash":"43f0c08b1bf05619c01b16eec61b25912264417786cc4f1ea2bc5b785321ab8dd02787","first_seen":"2025-11-13T09:27:03.367787Z","last_seen":"2025-11-13T13:10:59.517242Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n282c3e144-Ca1rsrV0.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/n282c3e144-Ca1rsrV0.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-547\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1351,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1351), with no line terminators","md5":"7bfdd7cdc6631c250a932d8ca131e678","sha1":"0280d5a9a5ed79fd6b50e7f171aee91639355e54","sha256":"88a7cb48d56a2a62c41f1f479fef59790fef3ee95fcb47ead9dd2985557d0ab2","sha512":"f2e8416bb8a46578e74f756e9ce9e97b836f5faea4f23d0c4d4c8f846942dbf9925f33ec230157428b3d755b16559aae51b873d968ec8d97fe12168cb910c936","ssdeep":"","tlshash":"1621118eecb099fcc42acdfce265e0310719239b1258d330851e9d751391a867627757","first_seen":"2025-11-13T09:27:03.368865Z","last_seen":"2025-11-13T13:08:42.284313Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b8fa55-DFyULdzD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/b8fa55-DFyULdzD.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-49a\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1178,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1177)","md5":"afe3d39bbeefda45c93966fe444da933","sha1":"7b25d4afca5f56ed26b15a67ea255886b7d36d3b","sha256":"defcdb35dfc83c975847eb4e53b91feacaf166ef4f7ec75964a630a348f929b8","sha512":"a129322cb8a3829c602b417d5b05375e3570be6e5ab8adaf2d898bbabe19365b56de8df08caa555b32ec1e2fda69dd58781d2eae147d4c988d3931be27fc2fec","ssdeep":"","tlshash":"9d2144cde1a043bc9a0b10ede33e500974550363cb9d4b55e2bd563a1fa759ad415b81","first_seen":"2025-11-13T09:27:03.369896Z","last_seen":"2025-11-13T13:05:11.168788Z","times_seen":3,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fmscc.com/sync-do","fqdn":"fmscc.com","domain":"fmscc.com","tld":"com"},"ip":{"addr":"172.64.150.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmscc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 13:55:05 GMT","end":"Tue, 16 Dec 2025 14:54:56 GMT"},"fingerprint":{"sha1":"E6:8A:4B:CF:E6:3B:CF:3B:70:A7:E1:11:3D:1A:58:43:46:06:D8:0B","sha256":"9A:82:A4:B0:A3:43:41:ED:F9:BF:23:D3:B8:BB:71:E5:D9:70:B1:88:71:0D:04:B3:C3:72:8F:DC:C0:D5:DB:2C"}}},"request":{"raw":"OPTIONS /sync-do HTTP/1.1\r\nHost: fmscc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-length: 0\r\ncf-ray: 99dd3a70391623eb-OSL\r\naccess-control-allow-origin: https://cdn.ak2yy.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=X.eU_y.SFyWC5aFGsXTzKherqr8TXTcDD1sfjN2bKxE-1763025994-1.0.1.1-sdddY.KCuc_BDwihZfZ0.7ABmxgdL_.6GTfkWg3uyxmwhtbYP51KfIBxpUl9Tes0tXzaBfEqTo2bdUWgd6tCtrBC89XhZm9uFToDiN.ppHs; path=/; expires=Thu, 13-Nov-25 09:56:34 GMT; domain=.fmscc.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":27,"dns":2,"connect":1,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-13T09:26:33.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /clicker/1866/pt.html HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]}],"data":{"size":123400,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"687bfc4fd2b08aab97ad54f1d8640816","sha1":"d780bf90ac03f5f02f6a7697144aeda9447cbb42","sha256":"0e31e7532483d4485376398c5352bee184d7130fba230ae72df210c7ad253aec","sha512":"b0adb95db5ae42309afdd8711f5c02e2643b216fded37c8ad323ab55a810a9b7665c40d7d47af70359501ce5258d160284a04ca95875b507a0371b471c26992b","ssdeep":"3072:eezf9fbvMqIHz5ea7IgIhBTs1q9PTi9eP+ssn2dwR5sVOBd:LJfgLH9ea7IgIhBTs1qti9eP+ssn2Ed","tlshash":"8ac30a5656b306292c2e77a0e096fb04e09ff74bf7a67bc0687a01215bc39c93b73654","first_seen":"2025-11-13T09:27:03.37212Z","last_seen":"2025-11-13T09:27:03.37212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":98,"dns":55,"connect":19,"send":0,"wait":39,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 688\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 0de98f92cfb2570da0b3a8250a87023b\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-04T06:46:21.974817Z","times_seen":115067,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/pt.html","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-13T09:26:33.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /clicker/1866/pt.html HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":123400,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"687bfc4fd2b08aab97ad54f1d8640816","sha1":"d780bf90ac03f5f02f6a7697144aeda9447cbb42","sha256":"0e31e7532483d4485376398c5352bee184d7130fba230ae72df210c7ad253aec","sha512":"b0adb95db5ae42309afdd8711f5c02e2643b216fded37c8ad323ab55a810a9b7665c40d7d47af70359501ce5258d160284a04ca95875b507a0371b471c26992b","ssdeep":"3072:eezf9fbvMqIHz5ea7IgIhBTs1q9PTi9eP+ssn2dwR5sVOBd:LJfgLH9ea7IgIhBTs1qti9eP+ssn2Ed","tlshash":"8ac30a5656b306292c2e77a0e096fb04e09ff74bf7a67bc0687a01215bc39c93b73654","first_seen":"2025-11-13T09:27:03.37212Z","last_seen":"2025-11-13T09:27:03.37212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n69eff725-CdkXwWBD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:33.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/n69eff725-CdkXwWBD.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-42b\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:33 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1067,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1067), with no line terminators","md5":"4502297830cc2163901219f4b04d597b","sha1":"40e962abd1a0ec5131335d5f56a318bb8e260646","sha256":"4defef0e170ee521ada4272577b632d39f55f91afbf8c3cb7166643be048d07b","sha512":"16efe747a606bffcdad99513c2a20667e25e248baca0e4eddd7372241d623f9db7723e8a618de8cbc6395de6d0f1b30d6bf79425eb11bc3a19f9206bf73b1c06","ssdeep":"","tlshash":"3511754d7b94282b001535fcd044e9104249526a2fd90fe2e0bda6f92f3aecd7c02f07","first_seen":"2025-11-13T09:27:03.373308Z","last_seen":"2025-11-13T13:10:59.504337Z","times_seen":6,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/eacc57-Btvfzi4L.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/pt.html","date":"2025-11-13T09:26:34.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 03:32:10 GMT","end":"Mon, 22 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"80:96:47:C1:4A:94:BF:A0:11:31:1C:47:89:DE:63:E7:B8:09:0D:7B","sha256":"1D:01:F8:C5:8D:A8:4D:27:F8:F2:BB:F4:65:31:27:B2:9E:86:AB:F7:64:97:CE:91:6C:99:2E:8D:39:5E:9B:33"}}},"request":{"raw":"GET /_astro/eacc57-Btvfzi4L.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 09:26:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Thu, 13 Nov 2025 08:35:53 GMT\r\netag: W/\"69159869-1c5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Sat, 15 Nov 2025 09:26:34 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":453,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (453), with no line terminators","md5":"e0f429381c32fb07c5467f4dce1af6f9","sha1":"f26697a0efc06885848e3c514c494ce46abeedb4","sha256":"32f8d7192c79aecb878773f18ebd6534c93c3e0ce67037be11655303fcb62027","sha512":"5b4b537c8ad9d6096abc5cd07b9bd731cc2c231fa6d4bfb821dcbf1fbfe7cee982cc4c310c2f897a67c53a4f399d5121ad032fb83b52de5f6eaa37e642bd0335","ssdeep":"","tlshash":"b4f02785bbe06e5a406a129cd156151239a5416392cd8fa1e3790a3783a95dea921383","first_seen":"2025-11-13T09:27:03.374399Z","last_seen":"2025-11-13T09:27:03.374399Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}