{"report_id":"ff8809a8-9df7-4827-a36f-fec14bcd80a0","version":6,"status":"done","tags":[],"date":"2025-11-23T18:26:47Z","url":{"schema":"http","addr":"kansino.gold/","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"kansino.gold/","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"title":"Kansino casino NL — hoofdgids voor spelers |","dom":{"size":30323,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (641)","md5":"04fdfa1b232fff3dff1a013abd76f617","sha1":"00b11755287c12f0614a5f8e6f6ef6cdb13b2f18","sha256":"334ccc0496540c2555bfb6748751a40240b34c72d2d53cffde76b233a53bee8e","sha512":"158aa282c1bdb617ab1addaf07f444d3ec0e007e7d5abba50e77768f10b5a1a5dd4018a53e36a6b70a8b88b18103c758e471b54f18a3659b87997f4ae0b0a432","ssdeep":"384:+1H/9t/umYUgBtwNffuoL1gWetgJjhU9WY6NEFzGg6n1QpPHPA:SH/9xBYUgzwNf2vtgNgy5gMQxHPA","tlshash":"22d2f923a8d11f3e01c193d576399f0bfb55820bca2a96b8f69ec3657f81c9164b7348","dom_hash":"domhash21485c39c759329209675b2a7d8fe17c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kansino.gold/","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-28T18:26:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"kansino.gold","ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-23T18:26:47.706924Z","last_seen":"2025-11-23T18:26:47.706924Z","alert_count":13,"request_count":13,"received_data":635126,"sent_data":6048,"comment":"","tags":null,"fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:5.3.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-11-16T22:20:40.871771Z","alert_count":0,"request_count":1,"received_data":90137,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-11-16T22:24:12.204838Z","alert_count":0,"request_count":1,"received_data":81213,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kansino.gold/bl-kernel/js/jquery.min.js?version=3.16.2","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6c2415c0ace414e5153670314ce99a9","sha1":"5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6","sha256":"d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8","sha512":"de027062931edd07b01842eff24fc15fdbdcaa1af245dcd133155faba9e0c965f0a34dc6144ce3b149bc43b4597073c792cb6dabbfc6168c63095523923bcf77","ssdeep":"1536:/KRUXRa8Dgwxcy2jpBNwch96SLk8Ek2BSrBGS1ia/eEk4aV2EXi8SMpQ47GKV:/u1zNwcv9qBy1HOg8SMpQ47GKV","tlshash":"9f83f8df77ca702247ab30b9006f550bf276199d684d4400f259d8e9bc78a4a823bf7e","size":87462,"data":"","first_seen":"2023-05-12T23:07:48Z","last_seen":"2026-06-23T23:55:56.173479Z","times_seen":30574,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8b3837d5b049ff72979db36e5faf05d4","sha1":"96da9a1690791ddd7a3d950a49cd88f43ff344ec","sha256":"e8f6c911ee289e5200a00b33c654c622107eaf73d9d5e43fee0a22a6d6a70e82","sha512":"9e8d7fc49e8930f97414eac80aee8e1ba8579e82975f50e4b3ae70057cf49616b580bcf96a48822bf5e72e13f9ed8baa689b4270e5f2a630a4812f0ca02db2d6","ssdeep":"","tlshash":"47f097796f001c304a9aa1ae9baff38165301043c0adac17796cd5408f3dc2294227ec","size":620,"data":"","first_seen":"2025-11-23T18:26:53.176057Z","last_seen":"2025-11-23T18:26:53.176057Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"849e6db145f2905ce210f628bddd9de5","sha1":"d722fa9982da8aa48df88251bb1897f13c1db3b9","sha256":"aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04","sha512":"54adb372f9ed12e7da8a673e79f3988badb654de5969c767b9f9e65fbcc88423e68e12a73a2f590ccb60d7fba0e65d7cddfd7d806d7f701b2d3cee03f0dfc89a","ssdeep":"1536:OSif7R2qTTR2t4iYniNw+inreQURwTLBAF+27wXiYE3Yjr/I2:4R2cpXLBl27wXit3Yb","tlshash":"ca73b7593254b4730ade85b68037420bf2265994b24b802cb5bcadde2a7dcc67277f7c","size":80421,"data":"","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-06-24T00:32:08.944587Z","times_seen":16743,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-kernel/js/bootstrap.bundle.min.js?version=3.16.2","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0805bca912ec901f2a7096228b62d46","sha1":"3233fd01d87fba457eaad8dcbc289f75b170f814","sha256":"19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49","sha512":"8a097c58452e6acf64e5db6784aab2ca577a4f3cd18ef32a2c2efd8e4813df3d3616f2721c0b94b727a69bf3ff8d84a77b5c70148d3a7b3431130c1e6a257b54","ssdeep":"768:du/iZDSuTVlHNvNu7MTMYnxKeNbtj+nUvAQ3+SQQnxyoM+Fos/aAMEolXlbBaCBW:deiJS4KUwnUpkQYV+mB9mydftEyHdUPp","tlshash":"eb83944972a4f472069f60a6907b0a0bf6376c4da507b01cb6e8d4ed1e7cd88316bf79","size":83376,"data":"","first_seen":"2023-03-07T12:23:54Z","last_seen":"2026-06-24T01:19:04.564603Z","times_seen":14729,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8b3837d5b049ff72979db36e5faf05d4","sha1":"96da9a1690791ddd7a3d950a49cd88f43ff344ec","sha256":"e8f6c911ee289e5200a00b33c654c622107eaf73d9d5e43fee0a22a6d6a70e82","sha512":"9e8d7fc49e8930f97414eac80aee8e1ba8579e82975f50e4b3ae70057cf49616b580bcf96a48822bf5e72e13f9ed8baa689b4270e5f2a630a4812f0ca02db2d6","ssdeep":"","tlshash":"47f097796f001c304a9aa1ae9baff38165301043c0adac17796cd5408f3dc2294227ec","size":620,"data":"","first_seen":"2025-11-23T18:26:53.176057Z","last_seen":"2025-11-23T18:26:53.176057Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-24T01:14:58.57881Z","times_seen":376710,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-24T00:56:25.112442Z","times_seen":483825,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"kansino.gold/","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-23T18:26:24.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Bludit\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kh4qKGwu7nuM3Ybqe7ZaYRfFy68%2B%2B68ifE7HGPqp5UOXjOd1wcrXRyySO6mIAqzoC6xLCrP1mfVfaJF5ND0RsN8W2bnUj2YWav0%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a32b6f77ebeb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:5.3.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":30811,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (641), with CRLF, LF line terminators","md5":"908291932767ceb2af39320acb319305","sha1":"ab28edb439efb8e8c2c2c66da7482b4d1067bcf8","sha256":"2052aa96f30dd4ce6600ecf36b833eb86286e80d3fa1ef2f1638754cdf830313","sha512":"f8bf7ad54351df2ec94c283fe1292a3c7f101ebb0ac5d38e7ccd4776238fa787eed8c915cb592b2f6bbdefd57fecf0d21b0dfd193c2b374d5b1778270a9df51e","ssdeep":"384:a1HVc4p/uPLUgBtwNffuoL1gWetgJjhU9uY6NEFzDg6n1ykpPx3PX:WHVc4VWLUgzwNf2vtgNsyigMXxxPX","tlshash":"35d2f823a8801f3e01d193d4b6359f0ffb55821bca2656a9f6eec2667fc1c9064b7748","first_seen":"2025-11-23T18:26:53.141859Z","last_seen":"2025-11-23T18:26:53.141859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":103,"dns":82,"connect":1,"send":0,"wait":113,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-plugins/fixed-footer-banner/img/logo.webp","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-plugins/fixed-footer-banner/img/logo.webp HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17448\r\nlast-modified: Fri, 24 Oct 2025 22:40:26 GMT\r\npriority: u=4,i=?0\r\netag: \"68fc005a-4428\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ahn7lhTopUw2Nl3oQBTHXJQXX%2BNiNvaEA%2BgZGP7UCDWd5yNuwnjQq76E5DzpozCJyyhfsxbHGtpcfN0wPsff14iDXzxxIWALa0wnwA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a32b6f96a8835a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17448,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"120c64788c0d376dd00df0fc67197114","sha1":"c107d75d7b2207a0ff514be6fd9c43ca11fe8005","sha256":"204c33dfc3096c524f8a88babf926a408db7dd76833f76ccfa614a052a0d0c95","sha512":"d9d4f849047a5b9c49ed981d8aa0910a480d4875157766448c686b364d977fc2a0a69902ee72e7dd93c548a445398142443e4f138c55a303708d99c93252c8cc","ssdeep":"96:5VVr5831kH84TIp1SKWKYF4HMMeY9xLejWvkiXuVxVqNjNZFNuynkNXjrMsc5WVL:PVres84CbWe+clBki+VxVqBp8RV","tlshash":"7772d728bcf57aa4c849a3315fe132825e738b839640cc89ba8d0da7bf14799dd8f045","first_seen":"2025-11-23T18:26:53.146479Z","last_seen":"2025-11-23T18:26:53.146479Z","times_seen":1,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\nage: 1131716\r\nx-served-by: cache-lga21931-LGA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 71, 156877\r\nx-timer: S1763922385.992020,VS0,VE1\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-24T00:56:25.112442Z","times_seen":483825,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":88,"dns":34,"connect":26,"send":0,"wait":28,"receive":8,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-themes/theme/css/style.css?v=2.6.11?version=3.16.2","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-themes/theme/css/style.css?v=2.6.11?version=3.16.2 HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 31 Oct 2025 09:08:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69047c7e-2a06\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ygoKgBkdPkpHcPYWR%2BU8xw8U5Slq3uQBmZuYAHBdy5UXFxjrWDhgzxwTa7WQpBbCTrewJgfnpNanrnjHsnnhyvd8wQACo%2FsMlsgkFA%3D%3D\"}]}\r\ncf-ray: 9a32b6f95a8535a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10758,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"e2e15d8190124db1eb7c2b3669175f99","sha1":"0c7b9484dd2a5130246e4048b497d4b65bdf77e0","sha256":"6c1c42943b76ebd4b4b4e0920fd13d70962dd49cf3d4cf66a59b6ff9a0e1e645","sha512":"cec76bac3a57baf717db704e798055915753b8a51c79420ba82eab1b88ba3cfa2d5c37df3ccd426d6f8aae6b049260849160a57e63896821fe3de4e987936c7c","ssdeep":"192:bdjRerck+EPAOZYbddSsBEiYQ26x6ALkzV:bdjD/dS22MjY","tlshash":"c4225554aae05128711bc56c26e3e769376e9000ca0fce3d76f731989fce3d951a3b88","first_seen":"2025-11-23T18:26:53.152643Z","last_seen":"2025-11-23T18:26:53.152643Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-themes/theme/img/back.webp","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-themes/theme/img/back.webp HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29602\r\nlast-modified: Sat, 25 Oct 2025 11:22:26 GMT\r\npriority: u=4,i=?0\r\netag: \"68fcb2f2-73a2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VHIjMFKfwk4HLMcX1JSKaZCRMRV8eo3v67lqOm7mKPD1muvJDDNb55sIvWIPLX6pPMRJuozpj3B%2BrPmmVxqCY0EWmL6PJV0C9vOY6g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a32b6f96a8735a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29602,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ccb4fe40a79756013526de14696a62a4","sha1":"02ebaff9b910ac62b2a84fd6dd9eac691e730713","sha256":"7b82498e8c3a3a2f1fdf725e9d151e9efc259ed26399659b765b2cfb363ad030","sha512":"5c2a96f8e3d90c82513ccbc7b7a610dcc9572f674115a15d60e87c9c0eb4501c5e1a7b34810f65c00b1018e76c2f395df3d3ae60c90293b9528d88e4ab700cd5","ssdeep":"384:5PDZGVM8aQ3M3EguXUCH2Yhnz9NzjcDwQ2r40ltWsHo9iNGmGfS:RZGSoM0N9hnz7z4eFtNIit","tlshash":"ead2c017daba7e9a70f5c2352dd862471caf1f879481ed02329e9f067f103a7dc6a042","first_seen":"2025-11-23T18:26:53.154969Z","last_seen":"2025-11-23T18:26:53.154969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-content/uploads/pages/e24650f6ae6e6566ba5da581e2c66dff/welcome-bonus.webp","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-content/uploads/pages/e24650f6ae6e6566ba5da581e2c66dff/welcome-bonus.webp HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 42448\r\nlast-modified: Fri, 31 Oct 2025 07:09:08 GMT\r\npriority: u=4,i=?0\r\netag: \"69046094-a5d0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QymL3YvlRsj7DXnWq09JVO9wA61b8PqQCtbtEuCYZA%2FADXfbFyZFYTA9cNzHoXWmsqWMHJ2npsTGA8hUC7Tl9yp1WJXnNE5%2FeHpmuQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a32b6f96a8935a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42448,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"22c369865c2ba262b77fcc5bc24a3380","sha1":"8121c6eef3390a331d2fa512e80fce9c552476be","sha256":"49b21744f1e7b794da4d6db0ad95c8c2321f08067b49e50853da01079594e2b8","sha512":"794092a905098940755781480a44f6859c0f627bcab9ff2bef6a2c38bb8685f374971d8952fe18146b0353c1def0dab90a916c1749c6d10088705ca29f6b0a7b","ssdeep":"768:E4DtKpIpQ0PRjcmpOUHkJgm+1cG1xyKKxsSlWMN8jyRiR:dDtKpSFcsyJRkGKEHlp8jyR2","tlshash":"3513d185bdba34a0fd1fa4b24cb51ac8cb43b9871a929c577ece191e9f103394d0b249","first_seen":"2025-11-23T18:26:53.160487Z","last_seen":"2025-11-23T18:26:53.160487Z","times_seen":1,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Sun, 23 Nov 2025 19:14:24 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4maVoUYb3oTUlcD77%2FNM2OoaoKWGIYOAob3D6tpcmzbBSonSXQtvBZP2FFwhVFRgAfb%2FfMt2DmXNs%2Bw%2BBhySwzwCdZ%2F2IdcInW0WFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncf-ray: 9a32b6f96a8c35a6-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-24T01:14:58.57881Z","times_seen":376710,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.3.0\r\nx-jsd-version-type: version\r\netag: W/\"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\nage: 2096787\r\nx-served-by: cache-fra-eddf8230081-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 23984\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"849e6db145f2905ce210f628bddd9de5","sha1":"d722fa9982da8aa48df88251bb1897f13c1db3b9","sha256":"aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04","sha512":"54adb372f9ed12e7da8a673e79f3988badb654de5969c767b9f9e65fbcc88423e68e12a73a2f590ccb60d7fba0e65d7cddfd7d806d7f701b2d3cee03f0dfc89a","ssdeep":"1536:OSif7R2qTTR2t4iYniNw+inreQURwTLBAF+27wXiYE3Yjr/I2:4R2cpXLBl27wXit3Yb","tlshash":"ca73b7593254b4730ade85b68037420bf2265994b24b802cb5bcadde2a7dcc67277f7c","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-06-24T00:32:08.944587Z","times_seen":16743,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":16,"dns":0,"connect":13,"send":0,"wait":19,"receive":3,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-kernel/js/bootstrap.bundle.min.js?version=3.16.2","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-kernel/js/bootstrap.bundle.min.js?version=3.16.2 HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 25 Aug 2024 11:14:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"66cb11fc-145b0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7%2FsCkqdD7dDTPIieZ2xw5hiOjZcV%2FYWG%2B%2BBOMUTsjwfYZbs%2BgakQjOMzQMT3q2E3f1lr%2B0sknQrMpT9GnguL0%2BdWwwGP58%2FPg2H0fg%3D%3D\"}]}\r\ncf-ray: 9a32b6f96a8e35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83376,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"a0805bca912ec901f2a7096228b62d46","sha1":"3233fd01d87fba457eaad8dcbc289f75b170f814","sha256":"19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49","sha512":"8a097c58452e6acf64e5db6784aab2ca577a4f3cd18ef32a2c2efd8e4813df3d3616f2721c0b94b727a69bf3ff8d84a77b5c70148d3a7b3431130c1e6a257b54","ssdeep":"768:du/iZDSuTVlHNvNu7MTMYnxKeNbtj+nUvAQ3+SQQnxyoM+Fos/aAMEolXlbBaCBW:deiJS4KUwnUpkQYV+mB9mydftEyHdUPp","tlshash":"eb83944972a4f472069f60a6907b0a0bf6376c4da507b01cb6e8d4ed1e7cd88316bf79","first_seen":"2023-03-07T12:23:54Z","last_seen":"2026-06-24T01:19:04.564603Z","times_seen":14729,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-kernel/css/bootstrap.min.css?version=3.16.2","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-kernel/css/bootstrap.min.css?version=3.16.2 HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 25 Aug 2024 11:14:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"66cb11fc-279ab\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xFMQlw9ykTdXay8TXCxzWKCiV%2FP1f7OaA8WKqKVIDDw5tAM%2BeAw6ZgXXYUIhsGKj13uRe%2FJZoS5TrRD7LwThUWJr86ZrbwCAQ1sl3Q%3D%3D\"}]}\r\ncf-ray: 9a32b6f95a8435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162219,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65326)","md5":"728c47119aba7a7add41661763f560c3","sha1":"35832b42d4452484b579b91d59fbb69edc4915db","sha256":"1ab8decd2652f344638ca63854d6b3571dee5534076c9d4fc5954306fd40ca41","sha512":"0f77418260379fd9924d109edc0bc58aa6b3879a4f08d2dc82bc76eac04774ea408aaefb6954bd9bf79df971bb2c88572fa5d50538e239d151fad2c7dac032b1","ssdeep":"1536:SS7CI4NT5+rMqFVD2DEBi8yNcuSElA3/uJpq3SYiLENM6HN268:17sAGLq3SYiLENM6HN268","tlshash":"17f352a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf8273b6447892c70a73e4c","first_seen":"2023-04-08T16:56:33Z","last_seen":"2026-06-23T13:21:23.720896Z","times_seen":441,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-content/uploads/BLUDIT.webp","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-content/uploads/BLUDIT.webp HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17448\r\nlast-modified: Fri, 31 Oct 2025 06:48:27 GMT\r\npriority: u=4,i=?0\r\netag: \"69045bbb-4428\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hssgju2BcMPAM12ANLhr%2BopzsvmkcjrTssELlk3C7rzM31qkBvSZ4Rtjsf%2BXTqJRpf1ecSE6gXvEoProZjIpFN3HGyehCM5luI9VMg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a32b6f96a8635a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17448,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"120c64788c0d376dd00df0fc67197114","sha1":"c107d75d7b2207a0ff514be6fd9c43ca11fe8005","sha256":"204c33dfc3096c524f8a88babf926a408db7dd76833f76ccfa614a052a0d0c95","sha512":"d9d4f849047a5b9c49ed981d8aa0910a480d4875157766448c686b364d977fc2a0a69902ee72e7dd93c548a445398142443e4f138c55a303708d99c93252c8cc","ssdeep":"96:5VVr5831kH84TIp1SKWKYF4HMMeY9xLejWvkiXuVxVqNjNZFNuynkNXjrMsc5WVL:PVres84CbWe+clBki+VxVqBp8RV","tlshash":"7772d728bcf57aa4c849a3315fe132825e738b839640cc89ba8d0da7bf14799dd8f045","first_seen":"2025-11-23T18:26:53.146479Z","last_seen":"2025-11-23T18:26:53.146479Z","times_seen":1,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-content/uploads/pages/e24650f6ae6e6566ba5da581e2c66dff/app-20.webp","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-content/uploads/pages/e24650f6ae6e6566ba5da581e2c66dff/app-20.webp HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36816\r\nlast-modified: Fri, 31 Oct 2025 07:09:31 GMT\r\npriority: u=4,i=?0\r\netag: \"690460ab-8fd0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=43fPNGV%2FkU32kmWVjaVK6NjqNk6LiFSXdT%2BQHIB0cYsGb9zfQWkLa7Z%2BOGeZUu5lXkH4CVMvyOvfCNGUXwjYLyJcOhEUzKoRJ1qYHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a32b6f96a8b35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36816,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0eabd712c0e65b0d4c790a647eefd99f","sha1":"a043991a578bcc32a72865a2bd03468db9c78a0e","sha256":"468db9ef3de75cd95cdc0650bb7bdefee871c821887f5cfb0870b58829a61825","sha512":"5952516479d3c87df11b63df6ea9a550f3af697075faeb4197415f99a8ef916159086b634197886a505ae899a897f8c911e547dba57a76d74593c25df870e918","ssdeep":"384:dEbBekYX5y1wgxEWUu0YbEvJnCT1h2HWGLaHzoFYy0h9p9z+2T90pRbaIuHi+5z:dLk85y14WUc+a1k0zXy0R5+250cHiC","tlshash":"45f2cf547dbbba3ee6cab33408e436413d77524bea909d02bedd5c282f41b458c592d3","first_seen":"2025-11-23T18:26:53.167342Z","last_seen":"2025-11-23T18:26:53.167342Z","times_seen":1,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-themes/theme/img/favicon.webp","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:25.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-themes/theme/img/favicon.webp HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:25 GMT\r\ncontent-type: image/webp\r\ncontent-length: 16078\r\nlast-modified: Fri, 24 Oct 2025 22:19:14 GMT\r\npriority: u=6,i=?0\r\netag: \"68fbfb62-3ece\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vIGvmc2QVWdNwhGUgkmP%2FNLX2pIi4w9y5DoaYXDPpaYvgpMJ8wzg%2B1bugm8UYB74mfIqoiFOFKBXjVlDXSY8dWmKX1c%2F5tOti6J8GA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a32b6fb5ab235a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16078,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"292d854ea27087d939c639073fa8ace1","sha1":"5594eb02769693057f5ca0357b4cf14041e2b3d4","sha256":"dc64fe5654d101625d046952d4ca7b4e4ec9fd1f45aad58500f0d71e44aea44c","sha512":"924c0a6664b697502fe5662c7d64a177b68373cf06fb370f1c96ed46c834a58786d845137d739f8d593522e71ce70819f05f2b23f9edcc711bd5b34d9f546346","ssdeep":"96:TVd/a015XEkEWmTwA7b7qurCNX7sc5pt3L:hwg50k6s/tb","tlshash":"86729520fef17264d48997392ed424065e334783da80dc85bbcf8e266f107ad8c4f196","first_seen":"2025-11-23T18:26:53.170317Z","last_seen":"2025-11-23T18:26:53.170317Z","times_seen":1,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-content/uploads/pages/e24650f6ae6e6566ba5da581e2c66dff/slots-12.webp","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-content/uploads/pages/e24650f6ae6e6566ba5da581e2c66dff/slots-12.webp HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 90162\r\nlast-modified: Fri, 31 Oct 2025 07:08:55 GMT\r\npriority: u=4,i=?0\r\netag: \"69046087-16032\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w0d7xtrjS0VxiF%2FwANmnv2oUoeXlc7rJ63jUHII%2BicAxdhxwDa4znMh%2BIaVIsr53%2Bn92UbgdckTPv9MdAVvPH9MbOF0uY72905y4Ig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a32b6f96a8a35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90162,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aaee8bd48de5ef9f940f5c3c979c847f","sha1":"c5b5989513a08cca0b3fec2d9f0e7157b68fb126","sha256":"e7edd6759e4e7c7ec2504bbb9b4694a915f7606cf1b3183831330ca714b06554","sha512":"0a29888b6d85dbd94124fd5b1ff3d744ed0bea4b1c5a12a141e842af778546bd2911cd47ce7582db02282b9f34790afddebfb83cd8f9a5e0ccd90f6693c5e2a1","ssdeep":"1536:HsfwvpvvFNwv4qmFnizpJJ/n6Jya7rhCuSF3Xg:cwBvvFNwv0nizEQQhCuSF3w","tlshash":"419302746821350ea1dda13c9f02301c0bba96e3ab510de5f8cd8c196fa5bc95deb3d9","first_seen":"2025-11-23T18:26:53.172729Z","last_seen":"2025-11-23T18:26:53.172729Z","times_seen":1,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kansino.gold/bl-kernel/js/jquery.min.js?version=3.16.2","fqdn":"kansino.gold","domain":"kansino.gold","tld":"gold"},"ip":{"addr":"172.67.142.139","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kansino.gold/","date":"2025-11-23T18:26:24.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kansino.gold","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 18:46:16 GMT","end":"Thu, 22 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"07:4D:34:85:AF:35:8B:0D:3B:0C:40:F7:2C:5C:D7:CD:7F:99:1C:33","sha256":"AB:69:62:98:B3:F0:CF:B5:0F:AE:45:EB:8F:36:5F:F0:19:39:5E:8A:CB:65:67:BF:DD:C0:CC:B5:91:C4:62:BB"}}},"request":{"raw":"GET /bl-kernel/js/jquery.min.js?version=3.16.2 HTTP/1.1\r\nHost: kansino.gold\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kansino.gold/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 23 Nov 2025 18:26:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 25 Aug 2024 11:14:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"66cb11fc-155a6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pyv7q0qdgx5xmTTAquQP2%2BFoK3rKi6yzkiKeBcw9Mmc7ovcLTk6TzwWJAIb1RL4Xu%2FCmAxLEJO8%2BCRYlAcQ%2BmIUg7xJxzpTd07vYBg%3D%3D\"}]}\r\ncf-ray: 9a32b6f96a8d35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87462,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"e6c2415c0ace414e5153670314ce99a9","sha1":"5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6","sha256":"d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8","sha512":"de027062931edd07b01842eff24fc15fdbdcaa1af245dcd133155faba9e0c965f0a34dc6144ce3b149bc43b4597073c792cb6dabbfc6168c63095523923bcf77","ssdeep":"1536:/KRUXRa8Dgwxcy2jpBNwch96SLk8Ek2BSrBGS1ia/eEk4aV2EXi8SMpQ47GKV:/u1zNwcv9qBy1HOg8SMpQ47GKV","tlshash":"9f83f8df77ca702247ab30b9006f550bf276199d684d4400f259d8e9bc78a4a823bf7e","first_seen":"2023-05-12T23:07:48Z","last_seen":"2026-06-23T23:55:56.173479Z","times_seen":30574,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"kansino.gold","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}