{"report_id":"ffdf4580-be87-4ed0-8b6a-7963494416a2","version":6,"status":"done","tags":[],"date":"2025-12-10T20:29:37Z","url":{"schema":"http","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"title":"Career Challenges and Aspirations: Tell Us More","dom":{"size":122919,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"449e4cb8914aa313290cd2304cb3ac14","sha1":"e5192c9f1cc45d71460f4bc120acba65caf872cb","sha256":"68696e8ea07cf4119c92a4769c5b6b2e7297bab33cb70dffa1bc6fd83bb5bcc4","sha512":"39ad715aa0572501f6952e4018b9edb7a293f6662bc8857b8fca6c4cc12a3f9b44aeb09562ac5c1cb11fe517d1198be18697ed9ef9d352946b6cb75724a753f0","ssdeep":"3072:w3jsHK9WzQvesHzQeaSIgIhBTs1qcFTi9IP+ssj20FWV:cjWzYH0eaSIgIhBTs1qui9IP+ssj20gV","tlshash":"bbc3194a9ab30229391f7794d092fb44e15bf74bf7a677c4987a00216bc79d93a33780","dom_hash":"domhash170144372e996943e495b4333575a3c6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-14T20:29:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.ak2yy.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2022-04-14","domain_rank":0,"first_seen":"2025-07-28T00:54:36.726993Z","last_seen":"2025-12-10T19:15:37.098477Z","alert_count":124,"request_count":62,"received_data":611151,"sent_data":27970,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]}]},{"fqdn":"fmscc.com","ip":{"addr":"172.64.150.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-03-03","domain_rank":56637,"first_seen":"2025-05-23T16:04:51.866057Z","last_seen":"2025-12-10T15:29:25.916692Z","alert_count":0,"request_count":2,"received_data":2387,"sent_data":935,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"datatechonert.com","ip":{"addr":"5.11.81.37","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2021-12-24","domain_rank":17968,"first_seen":"2021-12-24T16:44:17Z","last_seen":"2025-12-10T15:29:25.897484Z","alert_count":0,"request_count":1,"received_data":482,"sent_data":551,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-12-08T10:39:01.450991Z","alert_count":0,"request_count":1,"received_data":834,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdntechone.com","ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-12-24","domain_rank":31929,"first_seen":"2021-12-24T17:09:58Z","last_seen":"2025-12-09T19:46:16.393613Z","alert_count":1,"request_count":1,"received_data":17276,"sent_data":378,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/da2690-Cc0nT18N.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9976c5a81813f52b242afb79a37ca2c5","sha1":"cee47c32179ec422070861df11b0b0bdde90fa37","sha256":"dae01120d125abc96a8c83ca064513df21cf79a9489749eb2b69159b7d1ad0bc","sha512":"45c2eebb8f98820bfd1f1145f3f7c4a0d656e947077e5642b6c8369ef8535fc57118d11d5675c6c20c61df8685e8cd6f27bbb962e104e4d14cac339bebe64f51","ssdeep":"","tlshash":"fd51018fc03610594f94cff9b8792a173ed7c22a39868d4823c0a43c41e4bc622bf7a5","size":2951,"data":"","first_seen":"2025-12-10T15:29:33.358135Z","last_seen":"2025-12-11T08:35:00.387666Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ebb21fd30--nPooeHH.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ade8399f935046d46397888a51c7c7f7","sha1":"08a3695132344356cd6867b0b12e1fb8bb5c3343","sha256":"0b2ce125b0060299b5af6ba6a74b69822699668920b21bec6c8143f5d31454ab","sha512":"64a6a63fec863183a2246000186b2723039dc8ad140f8fc92861076b66541ea7dcbfc61229768ae41cdc6e7e9c252930204bca4e1b40159d764e2dede80edaaa","ssdeep":"","tlshash":"61f0dc890af04725460f239cd042a44131a8002303accb60d0398b39ab66deeea10743","size":466,"data":"","first_seen":"2025-12-10T15:29:33.356755Z","last_seen":"2025-12-11T08:35:00.400191Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y004b729-C_zFP4bA.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"b637a47e0efab6cf3d07624a3f45d48a","sha1":"201e1a7fa202eaaeb7961bd7fc83fd78a837d37f","sha256":"87d0f282216d490345df004acda3bc069bbe8d9af7914d5efc9de0fd5c017578","sha512":"2b685f14d34b548a246ffd8de6c73745a115b122b6df65c05eae722704e1e91607c11f9fe6abf01d34c4323a360925881c7bddcc269f31bf014d26206e7c01cc","ssdeep":"768:UkVif+rSCvGqbUIv549hMtimBInlkCPRYpxMRoATx+E3LVm/DfxC2sUHg3aUhdqq:3VrSgChsjATx+EMJsi7VYfPwCw/g","tlshash":"b0435e9ed2529fe988b31798b91c2a11b32d0d0ded4991a0ecdf0f1a176dc87213b79d","size":59627,"data":"","first_seen":"2025-12-10T15:29:33.391235Z","last_seen":"2025-12-11T08:35:00.348654Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a398af6-BMY3HCtH.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d2372e0e74595fa7ebb6e6f42d72e576","sha1":"8dc1d4dd04286729198379ec53c39b00facff96a","sha256":"4e9958daf3c14bd7c2ac8d3e60219334393971e64818a3fe43771d9c9919543a","sha512":"25c35df275f0be617d0c802da53b341257db82bad5ee8003579f8eef6b8a1cb4a1be444679fac413e7e226b4437201330990d9a6b5dbf8a9d563eccf2e707493","ssdeep":"192:U43ZHn0fnKxZ5CN8Qm2M5yer6wV6UWT950ly12/ro6AQNSAF8HKCHuKXVmvyvO4o:RNnIv8X2KrIUE950YUToPmZN+VDvOjj","tlshash":"c492eaf0936851d5d51e07bdea3d60e1a2392effabcd828062a87e95546c2d12e08fd1","size":19627,"data":"","first_seen":"2025-12-10T15:29:33.36893Z","last_seen":"2025-12-10T20:29:41.490304Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/q86f1d9-jzZkWsVt.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"02a814159507b555cd92bf89b40c3d5e","sha1":"2c72fd64ec5610dc1f213161306deabd7863d643","sha256":"c3c63b99e35f01a8ed512dd526cb6e9e8c9e291a205b4e16bd58e7c30208ceaf","sha512":"24de3c744efc116757cddede23e2cc81941063308aaf4f2614b3f5d811b9d2a499220bda4c5cc2fcdb4656b59df4803c79e9796cb6d7f781d5c637911e9c6ccf","ssdeep":"","tlshash":"26f0ab4c5ff81e49403e22acc06b44443698417b87ed4fa1e2f8873f936aacbe811387","size":450,"data":"","first_seen":"2025-12-10T15:29:33.363806Z","last_seen":"2025-12-10T20:29:41.509857Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0fbb7dbae3c20bc81da1b8bf41c13e8e","sha1":"f333d36b1dbecd026483e78eac843bdeb2dde04c","sha256":"eeeffffc79c48f4fbe510fc3fcdae29885a18a48ae121968e03fe502fb48fecc","sha512":"1e82716fa5da363b595ffc7b569caaa347df281bc89fb9d62dd89d2dec789280d9574694f6f78d250922e8d0d3bdc8a637f5748d7c4f4e5cb4e5465106542e0c","ssdeep":"","tlshash":"9ff0998af3c8b623410666e5321b801be67e1851b407a864a0a088e2ac7a449c189f3a","size":636,"data":"","first_seen":"2025-03-04T04:04:04.143618Z","last_seen":"2026-04-19T03:10:45.02237Z","times_seen":3433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p47a80d0-C30fJQri.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"582f22b41429cf4248e5f35757404a90","sha1":"08ec62d69da99818d3b31db8602a4a580899e4cc","sha256":"8b5e78aa884416c4b4e1138d3f625e3d5198bbf5a299fe0059ee6cf21e9466ef","sha512":"f4262a51e476c0d605d2cce1ccd56c5d8f684655e16fbccb4cc56e22787740bb697534e0d7f9ce4941f3b0baf3802d6e4c715e886db9f9abf567081b18cac4e7","ssdeep":"","tlshash":"e63199fd04e48d3862d94598db351a127275160374e59e06f26f97d0039cdce8626b3f","size":1875,"data":"","first_seen":"2025-12-10T15:29:33.344588Z","last_seen":"2025-12-11T08:35:00.344288Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g64ac43531-C58wuwms.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"62ab15bc680d00be23870a4a3218ed54","sha1":"9292020ea60913320245449a0424c305519f32f6","sha256":"aa54e280087b738ba9af9cd479b16641eb362dd3764bd4fc07ac685fe63badde","sha512":"a5ec3f406e998cb134fbdba730f261ef47042b020ec83b0a8b19902037a023000086cb513d6f9563e7daed4c2228cf2073634d67c9a8d97887229dceccb69c82","ssdeep":"","tlshash":"6431b6dcd820db6c813a299dd25a11177b05376b13bbcb01c5bd383b23992c8f617b22","size":1707,"data":"","first_seen":"2025-12-10T15:29:33.419633Z","last_seen":"2025-12-11T08:35:00.361025Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n26d6704d-DohrhP14.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e3997c79c89eea4d60a8838b513ba46","sha1":"e73607a58219749abda682daebcbac7c3fe88815","sha256":"e4e758130c88e0f562e992d5013b8c7888be95b61085a8bb09ee564428caa024","sha512":"c963aaa87a5d40abfad100d6b467244b72bfe608da467cea9844853cc5907d0971187105ea0c75aea22cac528956c61a04b3f898d4099931f16f040dd1e84ac7","ssdeep":"","tlshash":"c5515499b0b26bbc703f26cce53d5c42f30e2f59d7494e80a56da8311b840d97b1a38d","size":3115,"data":"","first_seen":"2025-12-10T15:29:33.395501Z","last_seen":"2025-12-10T20:29:41.497247Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l1a2ecd4-C_MkHrVp.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e09f0e95ce50726bfe8ba68ebc5a4741","sha1":"29e5297ff211031d192f9d4fa2cc95c0be1a716f","sha256":"0b0c297b282b90b7f8a0875544aa0ee5cd2c04db3d302e82553bb570d150df1e","sha512":"0985a2ad21f982e0b1d6b6f347dd37303be31835fa5694806597ca8d93f2832301e40a315b05924846a0a2e6202ff26116e6adeec2638c934a5d37a0e061eafc","ssdeep":"","tlshash":"a6f05c4266f15d0e803513ddd35255013a69423393cd6f51a3bc4e3703a9bcd8a10283","size":451,"data":"","first_seen":"2025-12-10T15:29:33.349233Z","last_seen":"2025-12-10T20:29:41.514402Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l1029daa7-BTCuy35r.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"356d385e9834a603ef3fe267ce2754b8","sha1":"069f47d81b7fd1f32521f336e9e234bc409d6729","sha256":"4eb780682d69eab8670bc2423e914643bffcf84eb803cf254e8aef658e717935","sha512":"2559e13857080d9d3d74226ac69103dc1f0c07c33f6908f6a21f4a45cdb57f0ea528c1bbef795957d56a3df3dc3c83df5f7effd8fa78cb519a22ba1569071b23","ssdeep":"","tlshash":"eef0558aafe05d0b903913edd946884136d80173a79d1f52e2be063a2375acdea003cb","size":453,"data":"","first_seen":"2025-12-10T15:29:33.427905Z","last_seen":"2025-12-10T20:29:41.491551Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d1b934d0a143f9775d07f4fb3c2d7b1","sha1":"22f155777b6181069926273eeee89b5ebd3146f6","sha256":"6971c41dc6d47326dc0f8b6bc0c3453e6d4224a55e0a1444c0034cae7f0a6083","sha512":"6e5e0a84c7302925d75bd501c5ad16d59243442f8af5878e31899f1d6d91ade1803e2bc3d60e4222a1d35f09e9760dfa5c683db017af8c93bf368d7511aa2533","ssdeep":"","tlshash":"5f11869b530d3748b820f438456cfa10810e58a428e9540e9dc34e855610f1fb9fc9fd","size":1097,"data":"","first_seen":"2025-12-10T15:29:33.430711Z","last_seen":"2025-12-10T20:29:41.52057Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"003c3f9d1904d63ffe88e1bc4fcc6768","sha1":"cde9763f3301abf51f8b34f83c9502bfd3b1c00a","sha256":"e3e948fc5e9bbd65dfc27422e40f4f9a990c4e8750aabd11c706a1103955478e","sha512":"0ba9899b32195caaafd800370623acae472cbf1eb6a4d013a9c1e020b7a1a28af28d5408e3a34c1c5fb43839fb9d1437515994f6f21d41d0be8ce7f6d1bcbed2","ssdeep":"192:8vvxELbFop/pLGubuiC52pTuCao9y8M+4iQD/Tasm1EOS6yrkx8rHa/mb6gXxUMi:8mLbFkBGubuiC52pyCao0+4lD/Tasm1v","tlshash":"7b22c7962efbb041262163b1c07b9115a3a748013166b273b81f7562e87188fc7f7f66","size":10340,"data":"","first_seen":"2025-12-09T19:46:17.805225Z","last_seen":"2025-12-11T08:35:00.406783Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n377ae383-jOX6lp_V.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d579c71ea9e06c40c881df2c149194aa","sha1":"82fba279f436aa1d76e4f724babc0ae5d670bea4","sha256":"ae9c35e91c4e4a0bed5945ca9d2f825cdc72644d7874afffa5cef8f2796ae853","sha512":"d6aa94132690da6d2af85014c09003feb13c155a1384f00155ce84cd8e7c76dd03aaa71155dc3e16eed2b14f92c795a7904cac1a9229e2ccf04d63b0ae2dbb1d","ssdeep":"","tlshash":"7d41a6a871251b7cf00e499ef56d868bf017774adb4ece91f0bc492a17098847b06f84","size":2208,"data":"","first_seen":"2025-12-10T15:29:33.361653Z","last_seen":"2025-12-11T07:47:30.105246Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/h7071ef4e-uKiSnrbr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","size":421,"data":"","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k1a6116-npeuGTQA.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea7cf8b8ceaf026b0be3f732a1c3c3c4","sha1":"73302e0132da9653b860cce2574ff29b626145a1","sha256":"9400a4fe4527ce9dcafd19f16b5404e46e02bef0ac3f9ca5283c2f917db2ecc1","sha512":"118cac5acc7cc0eb2a0f6498576f16ea97eeb393ba1bdee2a81e77dc4fd98a9f48ff578fe842b41abe8ecf81596b1a53ac932356b4199eaff20468aee050c2f8","ssdeep":"","tlshash":"103185dc90a2627ce06f0ba48069204d67491fb3e76f8f91e2bd94351316c94620bba5","size":1823,"data":"","first_seen":"2025-12-10T15:29:33.347284Z","last_seen":"2025-12-10T20:29:41.500283Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f098392a01-DPniaGYv.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"41f3af3eb7629019305ba4053af53039","sha1":"9c94c2d1b3a1aa60d9977befcf219dd2e29bad8f","sha256":"40f15675296856083ce8addde0107456166f626599501f3622606c3d9516d711","sha512":"4f9326677f76b4e51bc19eefad55479079e95c5bd2d4aa53215d920854aaa191a3545dbad0203b2c5f3cd03c82367f46cdba72e9730085d7df6541d9f998643a","ssdeep":"","tlshash":"f8f05c492bf46a06842d12ecd5925902f6dc283366dd9f12d1b80b3a23689de5d15297","size":450,"data":"","first_seen":"2025-12-10T15:29:33.329193Z","last_seen":"2025-12-10T20:29:41.518224Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"db41d6233b648ba83d1a70598871ad62","sha1":"3d5a8ec9c29c7c1aefcd37a7244768f0212f6bad","sha256":"ae9ee3f02ae7c65d24655acc908b582c5830df1648996a42ec2472a7d802e120","sha512":"2886a51ae3780c0bd52d09326310d572742aec68aa4c2e968b0760101e2f5abfdad1aad424eef8444d3f39e7bbb7da5a29236f5f3dd73060b00d065707a3c953","ssdeep":"384:8GShPC5hz82MNC2FWIQsGdNEY1TGlaMdEOga9LJ30eqnaq81QMXFX5sS5:87PC/z72FWIQsG7EYNGlamxgs930eqax","tlshash":"b7821fd5df521255331ee74ee277a921b6616c80f3c8f220ac2e1240e9c5dd99f73ab2","size":18762,"data":"","first_seen":"2025-12-09T19:46:17.806589Z","last_seen":"2025-12-11T08:35:00.407372Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"091fcea2ce8db1aa7fe44a4051e96b41","sha1":"4d1b368bcbddf456742d0abacd23ee510e609158","sha256":"433585662f852c8c76ded9e6f52054e1a120c78c7c0ecb8048fd3b99faa897f7","sha512":"765886ace161a524d53d770197f9f99de2c574df18129c8f32c3d4805f4680e2bd3c538527c6ed7e053b462fd1482e2eae75fcdf545bbeb795feff24d9c77d7f","ssdeep":"","tlshash":"14c02b9512f3e130f2a741c5c3cf32430000725602f841d351055c70401cc8a55a4f30","size":130,"data":"","first_seen":"2023-07-22T04:09:49Z","last_seen":"2026-04-19T02:32:56.85397Z","times_seen":9041,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d8c2f9-BQwkxFPn.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"8fa47fa00a355c9e55d65bdad602a4b3","sha1":"d6d4a0a4b3629922f37e5c1ecf4ab82e889a4523","sha256":"74db0438ccabd2fe2d7e6d0347bea079ea61f9cfbc3678e743b411ae7ee619f8","sha512":"7930b15f963fb67cb50e40e48ba5f0743afa6c10e03f19f4ff2ec0096f0e03c406bc74d4e7d75a55920e8f66c64a1c56ac36e7dc1e78bb1bacf21faba12a2ad2","ssdeep":"","tlshash":"55f0818a55f016e1405b5adfe15a6053b692012662cdcf92b06c077477d6e4d7152f43","size":555,"data":"","first_seen":"2025-12-10T15:29:33.352012Z","last_seen":"2025-12-11T08:35:00.334287Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","size":16490,"data":"","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-19T01:05:27.143438Z","times_seen":9149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e35cf4a5-DR07BWyQ.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bbcfbf2ea4630088e009a484309f0faf","sha1":"e259de9b1b9215194dd08c8adb4c95939d226ac3","sha256":"4d53c4a58d84d7379c25b990be6cf1d268ced33d818e393f47b1c14fc2bb7465","sha512":"9a6db92dc818e957ddbf221ee43e030b98c24491094a748ffc68c9613fe0817c8d42c79ce681e97cc71301e17a959f2882bafe509c0a3e86d48426d5dee4822b","ssdeep":"","tlshash":"4cf0c06659f00b29802a136fd61f1240317451ab8bdc8f13b1bd4bb48361eda9e58ec3","size":553,"data":"","first_seen":"2025-12-10T15:29:33.371267Z","last_seen":"2025-12-11T08:35:00.352752Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/z04af5b-Cwy0K-XV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"50608ca3d029cd7a9223c367bff59e0f","sha1":"26a96226e6a8c2aaa659cda725ce9dfe4c001826","sha256":"3ad6f8c26a24620b89f27a0552bb9c97d135578e4c6c90d16bf5761c6ef0adf9","sha512":"a95f2935d0613ca0d061dd4a055c8541bc40e163b3f3209982aede5681fdeac30e711dbadf4b0e3a19b2c2ddf21cfc46eae87a1f99fb645695b1d00d20aaf1bf","ssdeep":"96:5fHU9QatBB+Po0PR0idkngWwKWYhGD/yH/zil/SXhknzMRsOPkb5jszQ9a98Tq/c:5vU9HBkoqRkgWwKWY8mWl6XhizMRvPkT","tlshash":"52a174c094dad8fd0def9eda6554d16233144f177c8bad28b0a58c2527f9c0361ab74b","size":5023,"data":"","first_seen":"2025-12-10T15:29:33.413016Z","last_seen":"2025-12-11T08:35:00.333729Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w09a830ec-BDaj0jhE.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d1a7dea9da9fae23878b4c683348301","sha1":"c21f0074288e4c94ebc3877df7c72a3942f92bf9","sha256":"395c44ca754b2a2ec6a8ed61d13ac6abde202ac1f16eb1d9cede151b59702156","sha512":"c9c74b64f3c684d769e68216bdd9e9c26651d6873908e6ed04a76a4eaeb743b83829986823c37b2f434e8b86925bfaacca6c34345ff0b1bedef91da6a2107f0a","ssdeep":"","tlshash":"ce11328f84e43660401252ffe25ee71030211c6b6b8e8791e2bd0f686b11ccbe260bdf","size":1026,"data":"","first_seen":"2025-12-10T15:29:33.37362Z","last_seen":"2025-12-10T20:29:41.489178Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k526dc5cf-CoQHG7X7.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"80e0c58c14c0a807b6befb0e912971a6","sha1":"87266af98213519f550e56981186e06f40d59880","sha256":"25ac03b140b0daf430d5e817ae4ef8bc086e2ed30e1088117fecd19ed1cd8ff3","sha512":"d611048db9e917c32093c2ee39558cf743e4185d2373ae0d4da7deaea26e982e88793eef3f49fe872cc331f18e99ab7878357d188ce74aab3cae0d3cbf075a44","ssdeep":"","tlshash":"51514487f23094b84146a48dcb22613db27147da2ae4c9b4e0b81c10279dd8b6f7e76b","size":2779,"data":"","first_seen":"2025-12-10T15:29:33.409072Z","last_seen":"2025-12-11T08:35:00.3538Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j1a6ac7-CzMsPaY7.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d5ba1483322adb822e4305c257626282","sha1":"f6f4d6bc71f807817b28f091483c19a04196535b","sha256":"c76b91a073bc33d24434fca7492a5b9edf6fa69f786010a1065d8184d7bfe6f0","sha512":"46a034d73d45c35916551d4df9590f9d84238d082ae08a7d395fe7ec721dc916c63c9a0f8f67617b73c0b0a2813619f7d4eb9a2ac1d07832b3b344d1be4ebe78","ssdeep":"96:GTH7oYhg7tCSzRo2EwEoNGaSV/vqSz0y6gpsA:CHcYhgZfzRPovqByoA","tlshash":"6491348ff87960fc7596c69da132d1a3163735061889c1b4a9d74f2817a0685a33bb47","size":4282,"data":"","first_seen":"2025-12-10T15:29:33.40342Z","last_seen":"2025-12-11T08:35:00.372584Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y0ea366044-CFZCuoho.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"95ed80db2cab1b79c7ea5252d3f5e908","sha1":"20b0971980c09f5985695a39bfa74fd570f5cccf","sha256":"721a0eb5f2e43865ae290b336caab149ec16516695e91ef156e7b9feb13794a2","sha512":"63f3cec4f1d6881f3d5b888b3836ad86c7101c4dc454fb652fd6590912e38d4ac2300f0fca1ac9542bd1323861eecdc5fa6232f63d36f12c27d6ad0688f11b5e","ssdeep":"","tlshash":"0b2153ce9c7082fcc02d8dfde116e432571a338b565ad230c4de4e35232168aba2b71b","size":1329,"data":"","first_seen":"2025-12-10T15:29:33.404951Z","last_seen":"2025-12-11T08:35:00.365889Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w720efc8fb-D-ZkPXNy.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"82a40a20b7072df9e8ab89ea7b6984e6","sha1":"1980a24cf6b22da51ee3eabd45f1f8d9ab7ffef3","sha256":"3cb37e022b0b35564aecba805fd8871eeaece8a53cc970e62d4e5fd6aa8374f4","sha512":"f50a415b64c580b9428ebf358f2a353ecd3edd1f0d7aa183584328d08093513ff6ebdd2df7a291f5525792cb6ba5f0e8755f7c4d91e7a1f9aea99c4119130c95","ssdeep":"192:FtwgUwZM4wZ+/5HEushxdRzTRKpKwRPFPL61sJjOrjcgSQz6qSa:FtwgUwZM4wZyhEushxdxTRKpKwRfjOrp","tlshash":"5f022949a0700bbdb40b4ce8d9b5e11693359f46d60feaa8f35d4a2532e814423df3aa","size":8655,"data":"","first_seen":"2025-12-10T15:29:33.332459Z","last_seen":"2025-12-10T20:29:41.488488Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l85c0b5-DURlPhZJ.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"f58de0ccfca093f18dca6ca2234689e7","sha1":"b608d3bdfdc8d6b12448386da1da7a88b82e70eb","sha256":"45e9913972a4ef0d766d13b8da584516b6a28119d58517fffc359fae5a16f103","sha512":"f18c3d92c0c52e56a4f3ebfbec253e7779f70aab680bdf36e79094d59e65f2ee3632972b08ba86c7fe8e948e84c61b1a37e12ca3b491d1e36442e3f6e099c929","ssdeep":"","tlshash":"6201c08877f41b09c0a827afd11c7002714a446dd7edefd1f27c4a2b93855d66670b67","size":715,"data":"","first_seen":"2025-12-10T15:29:33.396694Z","last_seen":"2025-12-11T08:35:00.385374Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l656b89e-D_pKju9F.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ed5a0aad5f10645e90a63866f39d4388","sha1":"4b1a7c1f7fa63e2e0992b5f6b0d7e2f151e17bd1","sha256":"06290e95430de6a80638dc660994e805f1d9e77cbf3e0206a7d5f832668947c4","sha512":"d76d98b28998e0ba4c5758e6cfb3ef743e4ed65f6304951f258b089cbe169ef97577a17a9adb02756c29df6db3e52cbc9533b6d76809c0942fe1571622a689af","ssdeep":"","tlshash":"c031208d27f12671815814ddfa3770c1b07e1166b14e9980c03d4e773a9a9cbc67168f","size":1752,"data":"","first_seen":"2025-12-10T15:29:33.354671Z","last_seen":"2025-12-11T08:35:00.399574Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d20076-u6JfMUvY.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b10dc6238d0e2d300d8692ebef3e439","sha1":"0ebc89b8b7ee03b77e44d79781c3e40eae98815c","sha256":"eec34d9565eb13aa24baac7d93f7dd48def0de6e34203290b47d20c68df95a17","sha512":"b10cbf6cb3b2983e1009c68a2704ea2d6992481d987e6b74f005375bab94e365d508aefb47df8ece1d44cc62cc9ebec188516d1df7ed53b282cd4a314de0ddcd","ssdeep":"","tlshash":"0821654ea3b86171801415fec0065531b07745e3179c4f81b1bc2e344fa9a8afd25b33","size":1290,"data":"","first_seen":"2025-12-10T15:29:33.402132Z","last_seen":"2025-12-10T20:29:41.492786Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dce8f60-CHyY-Pnu.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"7bb08a6176669cff53e8e0c4b775463a","sha1":"70d7c7dc34e9bcca25d925af24ebcee98c803db5","sha256":"8711012c450f9fd0b52d085664957f590e924b41a65dd99135f7a69d38196540","sha512":"f4fe73a893e5da7df3b350ed62c1b74b6a53202232fda0eee42b3243f90711a6c9732eeb7a53b9e55ceda45f41d1e9f78fcc7d91d077491c4e115c4c9d433869","ssdeep":"","tlshash":"2e31838d84f452fc60ae05dec165ee2223111217b24cebe0e07e8f352379d8ba51b747","size":1601,"data":"","first_seen":"2025-12-10T15:29:33.414931Z","last_seen":"2025-12-11T08:35:00.332948Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j9de817e6-CHzlRbnW.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"f9366b86bc4e824b9671b584c829fbb8","sha1":"77220a286014a0883754870b3676d79e1596be8a","sha256":"3091352c1fdae06aa5846bc8e59d615a32aed13ad961e83563d00d1cc85b4c8a","sha512":"c4363949fca25e0ac4661ef74f3d903bd3ca7d82e23d3a397891296ed3f0d20ece0f7bdb3d9b45ffa6357255149356c83aa8704081fb9fccf4abbd166d0327b3","ssdeep":"","tlshash":"e1f0c98882f093548014179dc382390276441563a3cc6fa1f17c0b2f9383bcd9e25b43","size":518,"data":"","first_seen":"2025-12-10T15:29:33.338222Z","last_seen":"2025-12-11T08:35:00.380329Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/o322e47-DfFGiLfD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"851812e989625967d9a63a9e801bf360","sha1":"9697bc381459d831004801158bf41ba2055648e7","sha256":"7b1cd8f06c27ff01f7a5b2500ad23109b9d3a4c89220291391d84b7dec3d426d","sha512":"660032d62bbf76685c3af2fad8d85f0734f1871409b438c688a3fcc5346abb663e8d47ed8e6b286b3c122f78983c009d3feb5ac9f7d703a8c61def774eb48906","ssdeep":"1536:kr2RivKGOUC9dpjXOnlVS+NLcgzAyOx+XuPqTeJcvmzhnQ8:kiRMnlM+NLcgzAye+XuPqKJcYQ8","tlshash":"cc63f88a3391a1145ba9409514ba0403e399fe9e705994e4f6ef54cefb8ccc5f27bb38","size":73302,"data":"","first_seen":"2025-12-10T15:29:33.333838Z","last_seen":"2025-12-11T08:35:00.349708Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c89a6315-CfCmxfkG.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a98be0f9f31e7384992df36b66cd4cb0","sha1":"656a9dd370963504180ff5881fc9f3df7551e32d","sha256":"0cd3a9cb53734de49d947f1aefac68677d2c06a71c8830f5844805d7e6811014","sha512":"4af77556ca77734d638566df23657b5ee968f5308a396834ce27c64db0d76564332ae8d46fe5a06254cab3a8bea9b9295e05dd151d4f9f4fa51cf67c51a0628e","ssdeep":"","tlshash":"41f0a3499ff44959503a17dcea167540b1de003b56dc4f61e23c063b139bfced815287","size":452,"data":"","first_seen":"2025-12-10T15:29:33.340369Z","last_seen":"2025-12-10T20:29:41.517635Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"15505b2350e129b787d479f7507edee9","sha1":"09ccb3a84e7f25a30bf97594c9c98b6878fd4483","sha256":"53b6bbda82ae145cfc0fb1941cb035359d1c8b298798339cf53f5a543836ad65","sha512":"970991ac74c61bd2a25fe8a331be62b328d99d1f04b87a83cf50deda9d4d6b68a04403ba120796b1e2f9de04af78d640626fb95d2370907f4b626385f0562178","ssdeep":"","tlshash":"3a61947813111bb33ddda0a9dd286ec3dda51834859a887e784e5cf30658e4381bebb9","size":3462,"data":"","first_seen":"2025-06-11T22:43:11.360804Z","last_seen":"2026-04-19T02:32:56.854587Z","times_seen":8102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w8b263b12a-CvMrGSqc.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"fdbf6a042848c3815f899b4a537e3541","sha1":"0d1a56c950fe7699777333e59d7cdb8cecc1943c","sha256":"0dd6746d7d8b7b2a4311137ca579ea101297ae4c6ee667c05f44e4212d909507","sha512":"7f407b4a7d47659c8bd5721f6a905207c4f97a26ffdd2c29d097bb02e5759c2e71d6822ae31ff67aefe00902e9daa3dcf22811a8efb8c28c7fc4e234ba2600f9","ssdeep":"","tlshash":"ea01c6dea5f06628410a31ddd92320133260156b5bcc8f90b1ae063b17f96caca0e70b","size":711,"data":"","first_seen":"2025-12-10T15:29:33.334581Z","last_seen":"2025-12-11T08:35:00.383339Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/o2bb35d5a-DQxql5zl.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"44174df14357cb4f12272cb218aac8bd","sha1":"d31c2658fbdcb0aeaf25d311f3aabc27c0f0a015","sha256":"91aec828cb023db8f6dd5ab954cd624d4cf9890a36fce0d680a8358ad51b3a6e","sha512":"876c990a6b0ac0485b2996d293be51ff3470e1629319d4a4debc6718d48a06354b7caafee21b9b1b9f278865fa0e9be37b0e122b8325cc8f63de3afac690c27d","ssdeep":"","tlshash":"cb51b6af44a8a875054cb1aed63692622f1828137c0ec4a1e87c4d2e67d6086e13df2b","size":2749,"data":"","first_seen":"2025-12-10T15:29:33.34292Z","last_seen":"2025-12-11T08:35:00.388254Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e33f543e8-DCfPeC9t.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c76bd54eedca77327e27a3a71dc20c4b","sha1":"d734aea3baaddba5ad44c7b2ece1577557c08ec4","sha256":"889a9333243bd2742c8c1e52dd75e901380e0466cc3b9de4d282b547b9607c8d","sha512":"d2d6281831912746a57ffa867ae68da8d21d1d5c05b7d3ab3c5c0ac11424037eac338fedc65f77826f64fc6ee1d483b7b8d0d51c43292f47f68b3e23de0b0d2e","ssdeep":"","tlshash":"4341939c40f149b8d1a457ddd33af2323598293b358e8e90f22f8a32173ed4295b0fa5","size":2312,"data":"","first_seen":"2025-12-10T15:29:33.405846Z","last_seen":"2025-12-11T08:35:00.360403Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/x31a9db80-DDl2eHa4.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c93eec36a1125f8df1410e4aa9883718","sha1":"56053cf0237d7b7d89be535d96f78c6fc5527742","sha256":"00f64068956f8b7299ffaf26a09a8df7a374c1b18ec2c8cd76c46988a412fbf8","sha512":"c9619716f274e6fcc339e4ef0322a6b3db83d3a36f80ac280faed2a08c521e216b1259fa46d545c1665156dfec239698a41088fcc24fb738a5dffc13cdeab7bc","ssdeep":"768:T5FCDDOqykJ7QNp4N70H1KcvXCyLHWxA9k/eWj8kcj6tKwtZHNMSgz6lDNwnfZRY:zeqs7QX4qz4PNcj6ftZHNMSZH","tlshash":"8f534a687056203a03ef51e6e0bf6a4bf2356912e48dc644e316cef06fb469d4267f2d","size":63522,"data":"","first_seen":"2025-12-10T15:29:33.350694Z","last_seen":"2025-12-11T08:35:00.376564Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bc856766d-81a12O7x.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d7d8dc366b365a522b9c93e7f506304","sha1":"9d5da054d17dbf3dcc8f72a92659ffe85a29a0a1","sha256":"089bb850e53fc72046e4a02768d34cdf23e7110d5aae0a507f67939b6a228d4b","sha512":"e8caa327f023570616990ac761e6772f3e63980bb2920fdb700c8c4e4ac6aa2709dbfd4e190fb7a5d3adfa79fee9dd033671d876d5e771a6a27876777d31e4bd","ssdeep":"96:jxqH5MwAo3Yg/QRqo3utWpBWxcHA80UfB2/D3fpytNnU4ohQxeR:YZMwWCQUSOWGMAAJ44nD/o","tlshash":"87c1869ce1391669b02b9d9c923a121b67353723e94ddaf0e47e2e2023c978057c62f3","size":5693,"data":"","first_seen":"2025-12-10T15:29:33.410056Z","last_seen":"2025-12-10T20:29:41.519551Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n4ca70697-C_hy2v0s.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81866890a41812944b4e5b96ecc1fd40","sha1":"bcef465afd54919f160f345aba5c4bb57173e5c2","sha256":"e9a46b80da83dc0959dd88923a5e30816c2bb3c7d315aee4c4b9f1ea9b2c7791","sha512":"a6ed56cb35b7bd5e9d991f9582fe670bb42bf14f61392d906a3c7c5bd0196d577fdd00129f34f21d38888192a8e57004efef2af249372a6b32c4a4f3f405fd32","ssdeep":"","tlshash":"e901838e4af512ac480950ffc96262a13021013713cdcb93e0bc0a794315ed65b15fa3","size":692,"data":"","first_seen":"2025-12-10T15:29:33.389566Z","last_seen":"2025-12-11T08:35:00.388863Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/v1be0dfb4-COQAjm3j.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c0cab4301b6efeb7e60f5940906b8e25","sha1":"9d28604d6433c226afc79b1462fc68133ff9c067","sha256":"a58a41a24d6ed9a8063d8b0eb833a7080a1edd919e66b5add75460d0a07551f9","sha512":"19f49c1d58f046b22f7b8ccfccc0fe8a0afe9546fe715c164316808d70e14383c0cb34175e619c27877429fa50f275b8bebe0f42794a97485fc54977c2efbe26","ssdeep":"","tlshash":"352114c5b2b390b813a953ece0267642f514492557ccc2d0a1bb16762ed4fdb9c3062f","size":1353,"data":"","first_seen":"2025-12-10T15:29:33.39385Z","last_seen":"2025-12-11T08:35:00.354667Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/fe8e00-DdzZp0hT.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dbb9037dd14fdf9fe8aca44b276a7b1f","sha1":"659c3de10dcd0cfae213eaee906f688e1a9797b7","sha256":"8147c21fc30fce3da3713cff97b6b7b4abd0c3444b157e4c98f16207ea688fe6","sha512":"1d1a55bbaa5b5aac918b1bd2c10e9301c558e815b003749cbe1c73aee1b02468e003e37e1b209b4e2fd6f9b38ae3d29d32bed01e99d8899421748e104c5ee903","ssdeep":"192:wwgJZXcMZnQhde70MgNsRpB7cREui0WeLZpzLehrvSl4IYO6GP82+AH:wwgJZXcMZnQfe70Mg8wREui0WeLPzwTa","tlshash":"0a123c8860c61c3cd4864cfde5a5c528b23e0e1ded8bc9c5e19e6cbc1298541b2b6f5f","size":9120,"data":"","first_seen":"2025-12-10T15:29:33.41129Z","last_seen":"2025-12-11T08:35:00.394934Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b2542c91-D-Be7JV3.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d8c22c294e132634a4df950264c6953c","sha1":"b72fc8a0c0b165099706182e92281dc85cff4bf6","sha256":"5136854cce6e086dba6fc335c247717c0e9d6ab6d98684d5c21b557efec5b760","sha512":"6bca7cfac28bd4560d5fbbe49117c0899c85b22fd0af5cc1d166ca4543833466971364ea558c78b1a7deaed739d7aaa2df1a19ac6dc48853c3d70195517d9a37","ssdeep":"","tlshash":"2721a3cca0b043ad8a0f52feeb7d1044744a0333cb8daa92f1bc23380b875c9a915b64","size":1175,"data":"","first_seen":"2025-12-10T15:29:33.360198Z","last_seen":"2025-12-11T07:47:30.088621Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/facf80e-AvoJpEtr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c5ed12b59945886acbd12d54d0a81b1c","sha1":"6f4775739c7f03bbdbf027885e45666c1c5c03ab","sha256":"9d32d17281f360d51f33193508bc6eb40f02a103690a710efdfd84c74940df65","sha512":"8916515de3be79087f660ef4740686d7b6f64f1f972e0e6391fcc78181ea337d258ab5dd41796c114f243ceebab1305d8ee5eaa94339cb8ed0fc5af6d603e84f","ssdeep":"","tlshash":"2ff0dc4a3ff46d19403a27ecc4170005b68c0333129d9f90e2390aba43faacea511383","size":452,"data":"","first_seen":"2025-12-10T15:29:33.392266Z","last_seen":"2025-12-10T20:29:41.494551Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e25aac1-BBdp24Gq.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"afae8524cd630bf48ebce29695c568d6","sha1":"d9827408e112bc60687defbd6f6f7e487df68ed1","sha256":"805a35766e6d3ba47adf66833ff076a98d2464ebd305f3336e493e32ca22aabc","sha512":"47d01da65968296cd4e2f925fa29e9c5c92de81ba797c2b4c4f4d37cdab1961bdcd872042f5da6ed9f7c58c9f4c2bed6b9c609ce25920dfbd7e94dc48015db63","ssdeep":"","tlshash":"52f027665af11e14802a225cd6ba64457794413742cc4f92e3b94a2573a69efa91038b","size":452,"data":"","first_seen":"2025-12-10T15:29:33.330603Z","last_seen":"2025-12-10T20:29:41.486665Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba0f4e77cb3d1968e8bb09e81cc6345e","sha1":"c3dabda4cfc7ed18627ba989f8ae8766b1ce4933","sha256":"7885d6bc09b192bdb9d4b2599239e210ae4b70f1773646a96c97a9a21c184487","sha512":"57baf1a1c836348e36fb6c38e649c142601110dd231faea9bc2a5c9c653c4b014dc4d02b3bbd7dad06a67eb2418bde568ca6f698086f9ce179718b5b1c56261a","ssdeep":"","tlshash":"f3c02bd612f36130f3ab40c7838f31c300207016027840d351014c70101c4494594e30","size":130,"data":"","first_seen":"2023-07-23T05:20:44Z","last_seen":"2026-04-19T03:10:45.026942Z","times_seen":6972,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a66f99c70-oUoKO3Bu.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"aed848419adb32125fd1e501c556a158","sha1":"f105fd31a3ac8b6b1f381479bac53262cccbf414","sha256":"579e55ff0de348e5c3bce2c7748c2e589eb4eea6e551861a5ad929ed7cf726bf","sha512":"664ccc5b4c80788520d13eb7a38decb2e1282c55734146ec62ebd7a810abfea85323fd57b6fcaacf3d1b107727a1c91ca6366b8ffa350cc338e644f62bd8d88d","ssdeep":"","tlshash":"0a51316965f93b6f4c9b2bf6524d810e1f2e988b7489c730ac9bc72cf95848c34b1b51","size":3020,"data":"","first_seen":"2025-12-10T15:29:33.399528Z","last_seen":"2025-12-11T08:35:00.35662Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b68c74f-D5mFF9A9.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e2f2c7c162b3d6d24963d6cba1c5ed4","sha1":"37d337424156840342765e109643ff76ca71f80f","sha256":"7c1f819900895ea0d21e79503bbaff358a03d7be86eb42a609dc16fddffab67c","sha512":"14e1b0ae0e8f4d5f2701a4359ed225ff6a43ee524f4c0206c2b62ba008069d0cd1de3ad8fc600fee755bc7b55c2f0854bd03964373c1bc0d857a51e3a110828a","ssdeep":"","tlshash":"1e1110cd81f4e294c00845eec60b62343575016b23cdcf9aa0dc2779575e9cada20767","size":959,"data":"","first_seen":"2025-12-10T15:29:33.398227Z","last_seen":"2025-12-10T20:29:41.516059Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1177\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1177,"data":"[{\"app\":\"landings\",\"event\":\"load\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 133f37a09831090baab388ded647aebc\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e25aac1-BBdp24Gq.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/e25aac1-BBdp24Gq.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-1c4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":452,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (452), with no line terminators","md5":"afae8524cd630bf48ebce29695c568d6","sha1":"d9827408e112bc60687defbd6f6f7e487df68ed1","sha256":"805a35766e6d3ba47adf66833ff076a98d2464ebd305f3336e493e32ca22aabc","sha512":"47d01da65968296cd4e2f925fa29e9c5c92de81ba797c2b4c4f4d37cdab1961bdcd872042f5da6ed9f7c58c9f4c2bed6b9c609ce25920dfbd7e94dc48015db63","ssdeep":"","tlshash":"52f027665af11e14802a225cd6ba64457794413742cc4f92e3b94a2573a69efa91038b","first_seen":"2025-12-10T15:29:33.330603Z","last_seen":"2025-12-10T20:29:41.486665Z","times_seen":3,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1835\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1835,"data":"[{\"app\":\"landings\",\"event\":\"adex_status_bad\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230},{\"timeStamp\":1765398556099,\"event\":\"error\",\"timeOrigin\":86},{\"timeStamp\":1765398556101,\"event\":\"error\",\"timeOrigin\":2},{\"timeStamp\":1765398556102,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556113,\"event\":\"error\",\"timeOrigin\":11},{\"timeStamp\":1765398556114,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556115,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556135,\"event\":\"adex_status_success\",\"timeOrigin\":20},{\"timeStamp\":1765398556136,\"event\":\"adex_status_bad\",\"timeOrigin\":1}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 0b9cc117d88a12f1c95998be85c68187\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y004b729-C_zFP4bA.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/y004b729-C_zFP4bA.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-e8eb\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59627,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (59627), with no line terminators","md5":"b637a47e0efab6cf3d07624a3f45d48a","sha1":"201e1a7fa202eaaeb7961bd7fc83fd78a837d37f","sha256":"87d0f282216d490345df004acda3bc069bbe8d9af7914d5efc9de0fd5c017578","sha512":"2b685f14d34b548a246ffd8de6c73745a115b122b6df65c05eae722704e1e91607c11f9fe6abf01d34c4323a360925881c7bddcc269f31bf014d26206e7c01cc","ssdeep":"768:UkVif+rSCvGqbUIv549hMtimBInlkCPRYpxMRoATx+E3LVm/DfxC2sUHg3aUhdqq:3VrSgChsjATx+EMJsi7VYfPwCw/g","tlshash":"b0435e9ed2529fe988b31798b91c2a11b32d0d0ded4991a0ecdf0f1a176dc87213b79d","first_seen":"2025-12-10T15:29:33.391235Z","last_seen":"2025-12-11T08:35:00.348654Z","times_seen":8,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j1a6ac7-CzMsPaY7.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/j1a6ac7-CzMsPaY7.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-10ba\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4282,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4281)","md5":"d5ba1483322adb822e4305c257626282","sha1":"f6f4d6bc71f807817b28f091483c19a04196535b","sha256":"c76b91a073bc33d24434fca7492a5b9edf6fa69f786010a1065d8184d7bfe6f0","sha512":"46a034d73d45c35916551d4df9590f9d84238d082ae08a7d395fe7ec721dc916c63c9a0f8f67617b73c0b0a2813619f7d4eb9a2ac1d07832b3b344d1be4ebe78","ssdeep":"96:GTH7oYhg7tCSzRo2EwEoNGaSV/vqSz0y6gpsA:CHcYhgZfzRPovqByoA","tlshash":"6491348ff87960fc7596c69da132d1a3163735061889c1b4a9d74f2817a0685a33bb47","first_seen":"2025-12-10T15:29:33.40342Z","last_seen":"2025-12-11T08:35:00.372584Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w720efc8fb-D-ZkPXNy.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/w720efc8fb-D-ZkPXNy.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-21cf\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8655,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (8241)","md5":"82a40a20b7072df9e8ab89ea7b6984e6","sha1":"1980a24cf6b22da51ee3eabd45f1f8d9ab7ffef3","sha256":"3cb37e022b0b35564aecba805fd8871eeaece8a53cc970e62d4e5fd6aa8374f4","sha512":"f50a415b64c580b9428ebf358f2a353ecd3edd1f0d7aa183584328d08093513ff6ebdd2df7a291f5525792cb6ba5f0e8755f7c4d91e7a1f9aea99c4119130c95","ssdeep":"192:FtwgUwZM4wZ+/5HEushxdRzTRKpKwRPFPL61sJjOrjcgSQz6qSa:FtwgUwZM4wZyhEushxdxTRKpKwRfjOrp","tlshash":"5f022949a0700bbdb40b4ce8d9b5e11693359f46d60feaa8f35d4a2532e814423df3aa","first_seen":"2025-12-10T15:29:33.332459Z","last_seen":"2025-12-10T20:29:41.488488Z","times_seen":3,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w09a830ec-BDaj0jhE.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/w09a830ec-BDaj0jhE.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-402\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1026,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1025)","md5":"8d1a7dea9da9fae23878b4c683348301","sha1":"c21f0074288e4c94ebc3877df7c72a3942f92bf9","sha256":"395c44ca754b2a2ec6a8ed61d13ac6abde202ac1f16eb1d9cede151b59702156","sha512":"c9c74b64f3c684d769e68216bdd9e9c26651d6873908e6ed04a76a4eaeb743b83829986823c37b2f434e8b86925bfaacca6c34345ff0b1bedef91da6a2107f0a","ssdeep":"","tlshash":"ce11328f84e43660401252ffe25ee71030211c6b6b8e8791e2bd0f686b11ccbe260bdf","first_seen":"2025-12-10T15:29:33.37362Z","last_seen":"2025-12-10T20:29:41.489178Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/h7071ef4e-uKiSnrbr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/h7071ef4e-uKiSnrbr.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-1a5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (421), with no line terminators","md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a398af6-BMY3HCtH.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/a398af6-BMY3HCtH.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-4cab\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19627,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (19626)","md5":"d2372e0e74595fa7ebb6e6f42d72e576","sha1":"8dc1d4dd04286729198379ec53c39b00facff96a","sha256":"4e9958daf3c14bd7c2ac8d3e60219334393971e64818a3fe43771d9c9919543a","sha512":"25c35df275f0be617d0c802da53b341257db82bad5ee8003579f8eef6b8a1cb4a1be444679fac413e7e226b4437201330990d9a6b5dbf8a9d563eccf2e707493","ssdeep":"192:U43ZHn0fnKxZ5CN8Qm2M5yer6wV6UWT950ly12/ro6AQNSAF8HKCHuKXVmvyvO4o:RNnIv8X2KrIUE950YUToPmZN+VDvOjj","tlshash":"c492eaf0936851d5d51e07bdea3d60e1a2392effabcd828062a87e95546c2d12e08fd1","first_seen":"2025-12-10T15:29:33.36893Z","last_seen":"2025-12-10T20:29:41.490304Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/favicon.svg","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 28447\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: \"693969c3-6f1f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28447,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cfad15d30dae3df09e5cdf3b91556214","sha1":"5c451c15700279f2a2bf7d58261eff6ba6c2d4dc","sha256":"9a353afca57aed8c872145fc3d8686a2a27c80655d3c5306bb03a5fde1e5cfda","sha512":"3dde52c8ab8bc6b9603c7111f50895700d410d03c5838666cbc3f95aba7592a1ebe9b6b544191b80967e2aaf95551463c1232b8929fb8355b4b43a4ff35c5226","ssdeep":"768:hKAtKOZ5G2H6P/8awFZkU9pDaFy2nbhoAmF:PtKe6MawFZkUbKy2bh7mF","tlshash":"05d2e0b064bf4b5c47658a05f22bcc1cacc6faa3051d53f35be8663269888f44b7dd92","first_seen":"2025-09-22T03:35:17.75072Z","last_seen":"2026-03-26T17:02:07.810508Z","times_seen":1041,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l1029daa7-BTCuy35r.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/l1029daa7-BTCuy35r.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-1c5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":453,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (453), with no line terminators","md5":"356d385e9834a603ef3fe267ce2754b8","sha1":"069f47d81b7fd1f32521f336e9e234bc409d6729","sha256":"4eb780682d69eab8670bc2423e914643bffcf84eb803cf254e8aef658e717935","sha512":"2559e13857080d9d3d74226ac69103dc1f0c07c33f6908f6a21f4a45cdb57f0ea528c1bbef795957d56a3df3dc3c83df5f7effd8fa78cb519a22ba1569071b23","ssdeep":"","tlshash":"eef0558aafe05d0b903913edd946884136d80173a79d1f52e2be063a2375acdea003cb","first_seen":"2025-12-10T15:29:33.427905Z","last_seen":"2025-12-10T20:29:41.491551Z","times_seen":3,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/m9f22356b-CnIU5txI.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/m9f22356b-CnIU5txI.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4538\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: \"693969c3-11ba\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4538,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"30cff9c43d012b1619cc092d54379a0a","sha1":"2ef41df1c08e0a14fff271ae431cc90d806dbdc7","sha256":"58c8cf23b5c2a9e5d4cbc27fd3e97752d2c1fd9afc3ccd161781a4f00ff4cb52","sha512":"8bbc0164b81e626beb98e99bf559e3cafde62860c73a959d0b55f7b4a95bda00292547fa93c11655bacb3aa179dcc5e915d7ac3c4d36dfd00b675d91c703fec8","ssdeep":"96:70zGXtAcXJWW2FJP0JJVjSPuJBNbxxA8H/gFQjYNS3R/:wzYtA6JWWCiquJVxA8HaQk8/","tlshash":"48917d7447a3df09e8b382f2b5470b50cf473db8e644a31a432610de8e5154ed2cc654","first_seen":"2025-01-12T23:36:31.229067Z","last_seen":"2026-04-19T00:11:13.81164Z","times_seen":510,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d20076-u6JfMUvY.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/d20076-u6JfMUvY.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-50a\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1290,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1290), with no line terminators","md5":"3b10dc6238d0e2d300d8692ebef3e439","sha1":"0ebc89b8b7ee03b77e44d79781c3e40eae98815c","sha256":"eec34d9565eb13aa24baac7d93f7dd48def0de6e34203290b47d20c68df95a17","sha512":"b10cbf6cb3b2983e1009c68a2704ea2d6992481d987e6b74f005375bab94e365d508aefb47df8ece1d44cc62cc9ebec188516d1df7ed53b282cd4a314de0ddcd","ssdeep":"","tlshash":"0821654ea3b86171801415fec0065531b07745e3179c4f81b1bc2e344fa9a8afd25b33","first_seen":"2025-12-10T15:29:33.402132Z","last_seen":"2025-12-10T20:29:41.492786Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n377ae383-jOX6lp_V.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/n377ae383-jOX6lp_V.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-8a0\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2208,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2206)","md5":"d579c71ea9e06c40c881df2c149194aa","sha1":"82fba279f436aa1d76e4f724babc0ae5d670bea4","sha256":"ae9c35e91c4e4a0bed5945ca9d2f825cdc72644d7874afffa5cef8f2796ae853","sha512":"d6aa94132690da6d2af85014c09003feb13c155a1384f00155ce84cd8e7c76dd03aaa71155dc3e16eed2b14f92c795a7904cac1a9229e2ccf04d63b0ae2dbb1d","ssdeep":"","tlshash":"7d41a6a871251b7cf00e499ef56d868bf017774adb4ece91f0bc492a17098847b06f84","first_seen":"2025-12-10T15:29:33.361653Z","last_seen":"2025-12-11T07:47:30.105246Z","times_seen":7,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/j9de817e6-CHzlRbnW.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/j9de817e6-CHzlRbnW.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-206\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":518,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (517)","md5":"f9366b86bc4e824b9671b584c829fbb8","sha1":"77220a286014a0883754870b3676d79e1596be8a","sha256":"3091352c1fdae06aa5846bc8e59d615a32aed13ad961e83563d00d1cc85b4c8a","sha512":"c4363949fca25e0ac4661ef74f3d903bd3ca7d82e23d3a397891296ed3f0d20ece0f7bdb3d9b45ffa6357255149356c83aa8704081fb9fccf4abbd166d0327b3","ssdeep":"","tlshash":"e1f0c98882f093548014179dc382390276441563a3cc6fa1f17c0b2f9383bcd9e25b43","first_seen":"2025-12-10T15:29:33.338222Z","last_seen":"2025-12-11T08:35:00.380329Z","times_seen":5,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/facf80e-AvoJpEtr.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/facf80e-AvoJpEtr.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-1c4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":452,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (452), with no line terminators","md5":"c5ed12b59945886acbd12d54d0a81b1c","sha1":"6f4775739c7f03bbdbf027885e45666c1c5c03ab","sha256":"9d32d17281f360d51f33193508bc6eb40f02a103690a710efdfd84c74940df65","sha512":"8916515de3be79087f660ef4740686d7b6f64f1f972e0e6391fcc78181ea337d258ab5dd41796c114f243ceebab1305d8ee5eaa94339cb8ed0fc5af6d603e84f","ssdeep":"","tlshash":"2ff0dc4a3ff46d19403a27ecc4170005b68c0333129d9f90e2390aba43faacea511383","first_seen":"2025-12-10T15:29:33.392266Z","last_seen":"2025-12-10T20:29:41.494551Z","times_seen":3,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1682\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1682,"data":"[{\"app\":\"landings\",\"event\":\"error\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230},{\"timeStamp\":1765398556099,\"event\":\"error\",\"timeOrigin\":86},{\"timeStamp\":1765398556101,\"event\":\"error\",\"timeOrigin\":2},{\"timeStamp\":1765398556102,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556113,\"event\":\"error\",\"timeOrigin\":11},{\"timeStamp\":1765398556114,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556115,\"event\":\"error\",\"timeOrigin\":1}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 5cc78da9481a9031fbde01b3b4576f86\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1770\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1770,"data":"[{\"app\":\"landings\",\"event\":\"adex_status_success\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230},{\"timeStamp\":1765398556099,\"event\":\"error\",\"timeOrigin\":86},{\"timeStamp\":1765398556101,\"event\":\"error\",\"timeOrigin\":2},{\"timeStamp\":1765398556102,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556113,\"event\":\"error\",\"timeOrigin\":11},{\"timeStamp\":1765398556114,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556115,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556135,\"event\":\"adex_status_success\",\"timeOrigin\":20}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: ef5d6f6c5f168bbfd30f0061423b017d\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-10T20:29:14.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 410 Gone\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"410","status_text":"Gone","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121054,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"c84c619d4431e15d542d41b7df9ea9d2","sha1":"0458ec21665d72900a8929306318579a3252721a","sha256":"fcf17bafe05dd1ca85f01646b78e207e679c992e391d8de4e5b746855856d7e7","sha512":"f6199600700f67ea3f86d5f86fbe30de316b75848308e3188a3c0d05e1f046522793e51efee8f79956678e5514c6a20d0a165818670b42022b13e23ae4b5f702","ssdeep":"3072:P3jsHK9WzQvesHzQeaSIgIhBTs1qcFTi9IP+ssj2PPM:PjWzYH0eaSIgIhBTs1qui9IP+ssj2nM","tlshash":"afc3094b9ab30229391f77a4d092bb44a15bf74bf7a677c4987900216bc79dd3a33780","first_seen":"2025-12-10T20:29:41.495195Z","last_seen":"2025-12-10T20:29:41.495195Z","times_seen":1,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":105,"dns":59,"connect":19,"send":0,"wait":53,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/dce8f60-CHyY-Pnu.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/dce8f60-CHyY-Pnu.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-641\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1601,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1600)","md5":"7bb08a6176669cff53e8e0c4b775463a","sha1":"70d7c7dc34e9bcca25d925af24ebcee98c803db5","sha256":"8711012c450f9fd0b52d085664957f590e924b41a65dd99135f7a69d38196540","sha512":"f4fe73a893e5da7df3b350ed62c1b74b6a53202232fda0eee42b3243f90711a6c9732eeb7a53b9e55ceda45f41d1e9f78fcc7d91d077491c4e115c4c9d433869","ssdeep":"","tlshash":"2e31838d84f452fc60ae05dec165ee2223111217b24cebe0e07e8f352379d8ba51b747","first_seen":"2025-12-10T15:29:33.414931Z","last_seen":"2025-12-11T08:35:00.332948Z","times_seen":5,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1261\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1261,"data":"[{\"app\":\"landings\",\"event\":\"adex_script_load\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 15361bef3e5948a967e0f53a9caed523\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":361,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":361,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/w8b263b12a-CvMrGSqc.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/w8b263b12a-CvMrGSqc.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-2c7\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":711,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (710)","md5":"fdbf6a042848c3815f899b4a537e3541","sha1":"0d1a56c950fe7699777333e59d7cdb8cecc1943c","sha256":"0dd6746d7d8b7b2a4311137ca579ea101297ae4c6ee667c05f44e4212d909507","sha512":"7f407b4a7d47659c8bd5721f6a905207c4f97a26ffdd2c29d097bb02e5759c2e71d6822ae31ff67aefe00902e9daa3dcf22811a8efb8c28c7fc4e234ba2600f9","ssdeep":"","tlshash":"ea01c6dea5f06628410a31ddd92320133260156b5bcc8f90b1ae063b17f96caca0e70b","first_seen":"2025-12-10T15:29:33.334581Z","last_seen":"2025-12-11T08:35:00.383339Z","times_seen":8,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n26d6704d-DohrhP14.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/n26d6704d-DohrhP14.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-c2b\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3115,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3105)","md5":"8e3997c79c89eea4d60a8838b513ba46","sha1":"e73607a58219749abda682daebcbac7c3fe88815","sha256":"e4e758130c88e0f562e992d5013b8c7888be95b61085a8bb09ee564428caa024","sha512":"c963aaa87a5d40abfad100d6b467244b72bfe608da467cea9844853cc5907d0971187105ea0c75aea22cac528956c61a04b3f898d4099931f16f040dd1e84ac7","ssdeep":"","tlshash":"c5515499b0b26bbc703f26cce53d5c42f30e2f59d7494e80a56da8311b840d97b1a38d","first_seen":"2025-12-10T15:29:33.395501Z","last_seen":"2025-12-10T20:29:41.497247Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1564\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1564,"data":"[{\"app\":\"landings\",\"event\":\"error\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230},{\"timeStamp\":1765398556099,\"event\":\"error\",\"timeOrigin\":86},{\"timeStamp\":1765398556101,\"event\":\"error\",\"timeOrigin\":2},{\"timeStamp\":1765398556102,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556113,\"event\":\"error\",\"timeOrigin\":11}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 43ccc5c8331c6c882f86d5f89465771c\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/ebb21fd30--nPooeHH.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/ebb21fd30--nPooeHH.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-1d2\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":466,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (466), with no line terminators","md5":"ade8399f935046d46397888a51c7c7f7","sha1":"08a3695132344356cd6867b0b12e1fb8bb5c3343","sha256":"0b2ce125b0060299b5af6ba6a74b69822699668920b21bec6c8143f5d31454ab","sha512":"64a6a63fec863183a2246000186b2723039dc8ad140f8fc92861076b66541ea7dcbfc61229768ae41cdc6e7e9c252930204bca4e1b40159d764e2dede80edaaa","ssdeep":"","tlshash":"61f0dc890af04725460f239cd042a44131a8002303accb60d0398b39ab66deeea10743","first_seen":"2025-12-10T15:29:33.356755Z","last_seen":"2025-12-11T08:35:00.400191Z","times_seen":8,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/y0ea366044-CFZCuoho.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/y0ea366044-CFZCuoho.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-531\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1329,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1329), with no line terminators","md5":"95ed80db2cab1b79c7ea5252d3f5e908","sha1":"20b0971980c09f5985695a39bfa74fd570f5cccf","sha256":"721a0eb5f2e43865ae290b336caab149ec16516695e91ef156e7b9feb13794a2","sha512":"63f3cec4f1d6881f3d5b888b3836ad86c7101c4dc454fb652fd6590912e38d4ac2300f0fca1ac9542bd1323861eecdc5fa6232f63d36f12c27d6ad0688f11b5e","ssdeep":"","tlshash":"0b2153ce9c7082fcc02d8dfde116e432571a338b565ad230c4de4e35232168aba2b71b","first_seen":"2025-12-10T15:29:33.404951Z","last_seen":"2025-12-11T08:35:00.365889Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/p47a80d0-C30fJQri.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/p47a80d0-C30fJQri.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-753\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1875), with no line terminators","md5":"582f22b41429cf4248e5f35757404a90","sha1":"08ec62d69da99818d3b31db8602a4a580899e4cc","sha256":"8b5e78aa884416c4b4e1138d3f625e3d5198bbf5a299fe0059ee6cf21e9466ef","sha512":"f4262a51e476c0d605d2cce1ccd56c5d8f684655e16fbccb4cc56e22787740bb697534e0d7f9ce4941f3b0baf3802d6e4c715e886db9f9abf567081b18cac4e7","ssdeep":"","tlshash":"e63199fd04e48d3862d94598db351a127275160374e59e06f26f97d0039cdce8626b3f","first_seen":"2025-12-10T15:29:33.344588Z","last_seen":"2025-12-11T08:35:00.344288Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b2542c91-D-Be7JV3.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/b2542c91-D-Be7JV3.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-497\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1175,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1174)","md5":"d8c22c294e132634a4df950264c6953c","sha1":"b72fc8a0c0b165099706182e92281dc85cff4bf6","sha256":"5136854cce6e086dba6fc335c247717c0e9d6ab6d98684d5c21b557efec5b760","sha512":"6bca7cfac28bd4560d5fbbe49117c0899c85b22fd0af5cc1d166ca4543833466971364ea558c78b1a7deaed739d7aaa2df1a19ac6dc48853c3d70195517d9a37","ssdeep":"","tlshash":"2721a3cca0b043ad8a0f52feeb7d1044744a0333cb8daa92f1bc23380b875c9a915b64","first_seen":"2025-12-10T15:29:33.360198Z","last_seen":"2025-12-11T07:47:30.088621Z","times_seen":5,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k1a6116-npeuGTQA.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/k1a6116-npeuGTQA.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-71f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1823,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1822)","md5":"ea7cf8b8ceaf026b0be3f732a1c3c3c4","sha1":"73302e0132da9653b860cce2574ff29b626145a1","sha256":"9400a4fe4527ce9dcafd19f16b5404e46e02bef0ac3f9ca5283c2f917db2ecc1","sha512":"118cac5acc7cc0eb2a0f6498576f16ea97eeb393ba1bdee2a81e77dc4fd98a9f48ff578fe842b41abe8ecf81596b1a53ac932356b4199eaff20468aee050c2f8","ssdeep":"","tlshash":"103185dc90a2627ce06f0ba48069204d67491fb3e76f8f91e2bd94351316c94620bba5","first_seen":"2025-12-10T15:29:33.347284Z","last_seen":"2025-12-10T20:29:41.500283Z","times_seen":3,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fmscc.com/sync-do","fqdn":"fmscc.com","domain":"fmscc.com","tld":"com"},"ip":{"addr":"172.64.150.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmscc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 14:43:32 GMT","end":"Fri, 13 Feb 2026 15:43:23 GMT"},"fingerprint":{"sha1":"17:EE:8D:B0:F0:B7:85:35:B3:2D:BD:DF:4C:F2:53:75:F4:51:D9:A8","sha256":"BE:13:9C:0C:8C:E2:C9:67:5E:D2:D4:0F:E0:12:7F:E3:0D:B5:DB:0A:3A:3C:3A:3B:7F:FD:31:CF:FC:6E:34:12"}}},"request":{"raw":"POST /sync-do HTTP/1.1\r\nHost: fmscc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 169\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":169,"data":"[{\"name\":\"lead-cross\",\"check\":true,\"prefix\":\"career-survey\",\"defaultTtl\":604800},{\"name\":\"lead-teenage-cross\",\"check\":true,\"prefix\":\"career-survey\",\"defaultTtl\":604800}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncf-ray: 9abf7e4ffc5e3181-OSL\r\nvary: Accept-Encoding\r\nx-trace-id: 5ebfc8fce3c64bf2e49ec98caed5ca88\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: https://cdn.ak2yy.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=coDaurPUiUglhEpEzwpa3UOAWLYWhPcF0HPuyFMX6_0-1765398556-1.0.1.1-hASpEF.vZ4cmEN1ia2K71sXISznstMt5ofP7KH9mCVS7Rmn.E4C38y5JpDam0QAOgOMfPK.19Ll9wT6Q.hsmfGCGyTZ79PQN5k9NNq1jI0M; path=/; expires=Wed, 10-Dec-25 20:59:16 GMT; domain=.fmscc.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":187,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b050029fad36192e968e5bb165e1bd9d","sha1":"88c11c0ee99416b291b159bdced1992b02cea10a","sha256":"7c66768a8dc31f8a823b4e75cb4b04011b3c29c34b69bddbdf279c5ba6b4da97","sha512":"6104fb2a95177eeaa9784bfdca5f69e342cb0d174662671f2d73a6a9a84c70a5b6ace05605d0b82923e4006c5e1ba62df2e62b9dc4f5f89d930dab78e64ac84b","ssdeep":"","tlshash":"55c0121e9a0908ff851129cc39d125d5bbc2c1013c588c468003cd566bc134208263cd","first_seen":"2025-12-10T15:29:33.388265Z","last_seen":"2026-04-19T00:11:13.812189Z","times_seen":410,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":8,"connect":1,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/a66f99c70-oUoKO3Bu.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/a66f99c70-oUoKO3Bu.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-bcc\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3020,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3019)","md5":"aed848419adb32125fd1e501c556a158","sha1":"f105fd31a3ac8b6b1f381479bac53262cccbf414","sha256":"579e55ff0de348e5c3bce2c7748c2e589eb4eea6e551861a5ad929ed7cf726bf","sha512":"664ccc5b4c80788520d13eb7a38decb2e1282c55734146ec62ebd7a810abfea85323fd57b6fcaacf3d1b107727a1c91ca6366b8ffa350cc338e644f62bd8d88d","ssdeep":"","tlshash":"0a51316965f93b6f4c9b2bf6524d810e1f2e988b7489c730ac9bc72cf95848c34b1b51","first_seen":"2025-12-10T15:29:33.399528Z","last_seen":"2025-12-11T08:35:00.35662Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=26edf31d-a89c-4a76-924f-42c5c2ad94b7","fqdn":"datatechonert.com","domain":"datatechonert.com","tld":"com"},"ip":{"addr":"5.11.81.37","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"datatechonert.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Dec 2024 00:00:00 GMT","end":"Tue, 23 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"ED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72","sha256":"A3:45:F2:05:D1:B6:89:92:B3:05:C2:75:20:48:5F:3C:AA:EB:B3:A9:32:5E:CF:38:C4:37:CD:C0:B9:57:CA:E8"}}},"request":{"raw":"POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=26edf31d-a89c-4a76-924f-42c5c2ad94b7 HTTP/1.1\r\nHost: datatechonert.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1856\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1856,"data":"L\u001bRR\u001f\u001c\u0026\u001c\u0014\u0005g\u001f\u001cK\u0012\u0003\u0001\u0005P\u000eL_\u0003\u000e\u0011\u001aX\u0016\u0010JO@T\u0005\u000fT\u0011\u0003\u001e\u000eP\u0018L\u001fA\u001b\t\u00147\u0001\n\tWN\u001a\u001b\tICPVGP@\u0014\u0002\u0015\u0003\u0003\u001aX\u0013\u000eJOS\nQI\u0015C\u001d\u0006IH\u0005^_\u0003\u0015\u0011A\u0013\u0013[RDP\u0000YU\u001b\u0016\u0003\u0006IH\u0005^_\u0003\u0015\u0011A\u0002FCXY@O\u0010[\u0003QFL\u0002\n\u0016T]\u001b\u001bDP\u0019FCXY@K\b\u0011\u001b[[^YF\u0018L\u001e_\u001b\t\u0007JVMDW\u0011OKC\bSR^GPG\u000f\u001a\u0015\u0003\u0002\u0004BTUJ\u0001\u0011g\r\u001cM\u0004\t\u001a\u000e\u0016\u0016T]\u001b\u001bYE\u000f\u0005[RW/W\u0013\u0010U\r\u000bA^\\\u0004NE`P]R\u0015\u0013\nH;6\u0018XI\u0017QQN\u003c\u001bZXY\f\u0019K\u0000N_Y\u001a\u0003X\tZM\u0017QCN,\u0017W\u0005\u0002\u0018\u000b\u0003\u0007JTHXDB~\u0000\u000b\\\u0007\u0005\u0016DC\u0007ZC\u0007\u001b\u001f\u0014\u0014\u0014[RDN\u001a\u0019\u001d\u001b[H\u0007\u0005\u0006Q\u001c\u0003VU\u001eF\u001e\u0002T\u001e\u001c\u0007O\f\u000b\u0003\b\u0019\u003e\"I]\u0000\u0019RK]W\u0016I\t\f\u0013ON\u0000\u001cN\u0004\u0018T\u0002\u0001d'V^WGS\b\n\u0018\u0004X\u0012\\\u000fTO\b\u000f\u0019\u000e\u0000\u000e\u0007\u001egp\b_\u0014\u0010\u001c\u001a\u001b\u0003TD\t]\u0007G\u0018\u0002\u0017C\u000b\u001f\rP@f3_\u0010\u0006\u0001\u0007J\u0007\u0018UL\u001a\n\r_B\u0007\b@\\A\f\u0013\u0017)!N@\u0014K\fP\u0005HT\u0005\u0007X\u0002A\u0015]APX^[JY@H\u0005[\u0003C\u0002\u001a\u001f\u0002GTB\u0018ZWXT\u0005\u0012Z\f\u001b\u0016\n\u0016TN\t\u0002\u0002\u0011_\u000b\u001f\u0018\b\u000b\u0000LK\u001c\u0006[\nL\u0004\u0015\u0006\u0000\b\u001a\u000e\u0001@S^\u0006\u000b\u0003\u0006\\\u0006DYA[\t]L\rRL\r\n\u001fD\u000f\u0004PWZRGRHYDR\u000eP_\\\u0019\u001a\u0007\u0019\u0017GS\\\u0000\u000f\u0006\u0005CSMZLDQ\u0019D\u0000YD_]\\\u0005\\C\u0006\t\u0003\u0010\u0017\u0000LU\"6z\u001f\u0014U4\"(X\u0000\u0005\u0007XauW\u0003\u0003\u0000\u003c\u001fS\u000f\\\\0I\\\u0013\u0000'0Q,?rABpOT\u001d7#\u0001^*?V L\u001dVC\u0004\\_\u0000\b\u0003\u000fBVOZFS\tYH\u0001VL\u001d\fOW'+Qm\u0007t\f#\u0003\u0005\u0003\u0010R=\b\f\u000b2!\u0003\u0005\u0012\u001d\n^\u0004\\g\u0016\u0002*\u003e*\rV An\u003e\bZXC{-:\u000eh\u0015E\u001d\u0014D8\u0018\u0001|PLM\"^V\f\u0015P\u0004\u001ct\tKg##8N\u0006\u0005JTTALG\u0000\u0004\u0000[6_dZ\u0004x\f,\u0000\u0018GW_\u001e_J\u0006\u001eSZE\u0002[^\u000e\u000f\u000b\u0004CB\n\u000f\u0000_\u000e?T_W.Z\u0026\u0014D\"\u0000vkvt\u0017=#'\u000f3\u001e\u001a\nR\\\t^SKQZ\t\u0004\f\u0007\u0006\u001c\u0006A^CW\u000e\u000b@\tPRV\bDV_^\u0002]\u0006\u0010\t\u0012\u0018\u001aHS\u000f_L\nX\\VYK\u0012\u0018\fE\u0004\n\u0007O\\LXBDA\u0004\u0010]\\[^Y@\u0003_]\u000e\u0001\u0001\u0000HWHYES\u0000^_C\\[^YE\u0007^]\u0002\u001fIR\u001f\u000f\u000bUL\u0006^\u001f\u0013OU9\r\u000f\u0000S\"?Qsl1/,9S\u0018\\\f\u0012K(\u001aS\f(PC#|]eS(\u0001\u000b\u001f0\u0004I\u001a\u000fS\u0003\u001e\u0019I^\u0016\u0000\n\u0015\u0003\u0003\u001aX\u0010\u0003JO@m=:\u001bMH\u0000\tP\u000e_A\u0015WRFX^[?\u001c\f\u000b[[\u0015C\u001a\u001aIH\u0004BORORZX^J_Y@P\n[\u0003URBI\u0016YLW\u001a\b\u001f\u0014\b\u0010\rJOO\tE[Z\t5\u0001\t\u0018\u0016T]\u001b\u001b]AX^HDW\u0015\\KC_\u0000\u0006\u001d\u000e^\u0016\u0001\u001eTIF\u0014@F5\u0001\u001b\u0017@I\u0001\u0001W5X_P\u0018L\u0005^]WS\u0014FC\u000e\u0014\u000eK\fU\u001b\u0002\u00021\u0004\u0010^1\u0004Y]VNX^TYY@O\u0000\u0017f\n\u000f\u0017\u0018-X\u000b\u0003PM[\u0014@VK[Y@[\u0006\u0015V\u00135\n\u000e\u0002@\u0006O\r\u000b\u0007\u001aX\u0012\u001c\u0006\u0011\rJKC\u001bCFL\f\u0013Y\u000b\u001dV]@\u0014@TUJ\u001b\u000e\u001aS[\\\u000fG;8P\u0018L\u0003[J\u0011\fX\u0001\u0017E 1\u0014\f\u0017\u001bMH\r\u0004\u001e[\u001c2PX^C\u000eFCJ\u0006\u0010_\u000b[\u0015C\u001a\b\u0007P\u000eLO\u001b\u001bPZ\u000eFC\u0013\bN\u001a\u0019\u0015X\u0015\f\u0001\u0019\u001fk\n\bC\\PB\u0015\u0016[R\u000e@Q\u001a\u0026X\u000f\u000e\u001c\u0004\u001bPLWQX_E\u001fH[\u0001\u0006=L\u001b\u0010]\u0004\u0004\u001aIHR\u000f\u0001D\\\u001f\u0014\u0013\u0017\u0026\u000b\u001d\u0010W\u0004\u0010L\f5V]-[\u001c2Y\\DS\bFC\u000e\u0014\u000eK\fU\u001b\b\u00191\b\u001aF\u0001\u0000^L^\u0014@\u0002\u0018\u0004\u0006\u0007\u0014K\u0010J\u003e\u000f\n\f\u0017\u0016T\u000bVU@SVF\u0010\u001b*\u0005]\n\u0012VCP\u001a\u0019\u0007QBO^JlA\u001f\u0006\u0026\u0003\u001c\u0016\u001aS\u001fX\r\u0019\u000bGP]\u001d2@\\Qi\u0011\r\r7CR\u000e6\u0016K\u003e\u0004\u000b\u001c\u0017FLWQX_E\u001fH[\u0001\u0006=\\\f\nR\u0015\u0005\u001e4\u0001U\b\fEP\u0011\f\u001c\u0005\u0015\u001b\u0010N\u001a\u0000\nf\u0002\u0002\u001c\u0004\u001f]\u001b\u0000hVCS\b\u0005[R\u0013\u0003T\u001a\u001cDMH\u0000\u000e\u0001\u0016TO\u0003\u0001\u0005\u0003MWJ[C@\u0014K\u001aU\b\u000f\u0000\u001f-]\nO\r\u001bVW\u0019\u0002J^\u0011\u0003\u0015\nI\u000f\u0005GZ\u000fE\u0005CT\u0007ZP\u001bB\\\u001c[E\u0001\\]K\rQ\u000bLGPU\b\u000b^UZW\u000e\u0001\u0026\u0001\u0011@\u0002K[\u0015C\u001e\u001c\n\u0014R\u0007\u000ehJ\\C\b\u0007\u001c7\u001c\u0006\u001aS[\bQXYXB\u0004[O\u001b\u001bRR\f\u0001\u000b\u001c\u001c\u0011]\u001b\u0026P\u0005HTIP\u0018L\u000eVTCW\u0013\u0003\u00177\u001c\u0006\u001aS[\u000fP[_[D\rLA\u0015ZFE\u000e\u000b\u00147\u001c\u0006gX[\u0003CS_^J\u0001^Z\u0015\u0015\u0011U\u000f\u0017\r\u0007\u0018=Q\r\u0026\u000bCPLXC\u0006^]\u0015\u0015\u0011U\u0016\r\u001a\u0003*\u000b\\KC\u001bPZ\\YE\u0005^T\u000f\u000b\u0005\u0004IUHXDZ\u000fKU\u001b\u0002\u0005\u001d\u001fP\u000eLO\u001b\u001b^S\u000e\f\u0016\fWX\u001a\u0003\nM\u0000\rLGPF1\u0018^]\u0011\fXVO\r\u0011\u0004\u000bX\u001d\u0014\u0000RW\b_\u0000\u000fZ\u0001\u0014\n\u0004N\u0002T\\G\u0001\r\nKX\u0005SZ\tE\u0016BOXXl_\u001eFCJWN\u001a\b\u001d]\b\u001e\u0007\u0004\u001cU\u00022^]@\u0014@?$\u0015"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Wed, 10 Dec 2025 20:29:16 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://cdn.ak2yy.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adb4650bfc9d2a73d4dd69583b0ceb14","sha1":"1ce399d6e936232aaf2192cd7903a279c5015f22","sha256":"21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed","sha512":"3fbce22572bbed1aada0f7c6706f16a97e7c0ea132dfee1a7eb80f5e68da1cc63c891a5bc3ea8e87f0c97be3002212a0efbb2af9553acb45e0d447a685cd805b","ssdeep":"","tlshash":"436000000c3000000cc00c0000c00030ff300f00000f00c0000c00f003030c0c00c000","first_seen":"2023-04-05T07:30:31Z","last_seen":"2026-04-19T01:05:27.177606Z","times_seen":56306,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":81,"dns":11,"connect":17,"send":0,"wait":18,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l85c0b5-DURlPhZJ.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/l85c0b5-DURlPhZJ.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-2cb\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":715,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (714)","md5":"f58de0ccfca093f18dca6ca2234689e7","sha1":"b608d3bdfdc8d6b12448386da1da7a88b82e70eb","sha256":"45e9913972a4ef0d766d13b8da584516b6a28119d58517fffc359fae5a16f103","sha512":"f18c3d92c0c52e56a4f3ebfbec253e7779f70aab680bdf36e79094d59e65f2ee3632972b08ba86c7fe8e948e84c61b1a37e12ca3b491d1e36442e3f6e099c929","ssdeep":"","tlshash":"6201c08877f41b09c0a827afd11c7002714a446dd7edefd1f27c4a2b93855d66670b67","first_seen":"2025-12-10T15:29:33.396694Z","last_seen":"2025-12-11T08:35:00.385374Z","times_seen":4,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1341\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1341,"data":"[{\"app\":\"landings\",\"event\":\"cookies_sync_success\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 5bacc3edbc393835467118fd551a620e\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/fe8e00-DdzZp0hT.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/fe8e00-DdzZp0hT.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-23a0\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9120,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9119), with no line terminators","md5":"dbb9037dd14fdf9fe8aca44b276a7b1f","sha1":"659c3de10dcd0cfae213eaee906f688e1a9797b7","sha256":"8147c21fc30fce3da3713cff97b6b7b4abd0c3444b157e4c98f16207ea688fe6","sha512":"1d1a55bbaa5b5aac918b1bd2c10e9301c558e815b003749cbe1c73aee1b02468e003e37e1b209b4e2fd6f9b38ae3d29d32bed01e99d8899421748e104c5ee903","ssdeep":"192:wwgJZXcMZnQhde70MgNsRpB7cREui0WeLZpzLehrvSl4IYO6GP82+AH:wwgJZXcMZnQfe70Mg8wREui0WeLPzwTa","tlshash":"0a123c8860c61c3cd4864cfde5a5c528b23e0e1ded8bc9c5e19e6cbc1298541b2b6f5f","first_seen":"2025-12-10T15:29:33.41129Z","last_seen":"2025-12-11T08:35:00.394934Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/favicon-96x96.png","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /favicon-96x96.png HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 6015\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: \"693969c3-177f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6015,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, interlaced","md5":"cacd53100e7d31ae7b404a98e84ffe07","sha1":"f847c273bcf0e46bf55210e2ad9c98f108a16f6a","sha256":"9a13272a282dbcb3640a3e39a2bb1ba96c6ba5c7ff730d84d7d9ddd8a291724c","sha512":"d1717a6c9a90c6cc084d0f976d1cfed82d73fe08cdc280c97b680d60628090975de5da35c0dd32cb9f1205b4522dba9977c3ba7cb9d8a97770fc1a5b38b17b25","ssdeep":"96:pq0fSwKYPmvGmB6J3vW2/EPL1albpwAxLmkEfeU37ICI2FidSryKfOZCepkOpZNr:pq+SwKYPmvV69lcPL1a3wKmk2evCdQd9","tlshash":"75c18d96cd231027da329832247307cecd4af43bd9922395629205a61fd9c8caf8e793","first_seen":"2025-10-06T18:06:11.210074Z","last_seen":"2026-03-26T17:02:07.818752Z","times_seen":1027,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l656b89e-D_pKju9F.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/l656b89e-D_pKju9F.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-6d8\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1752,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1751)","md5":"ed5a0aad5f10645e90a63866f39d4388","sha1":"4b1a7c1f7fa63e2e0992b5f6b0d7e2f151e17bd1","sha256":"06290e95430de6a80638dc660994e805f1d9e77cbf3e0206a7d5f832668947c4","sha512":"d76d98b28998e0ba4c5758e6cfb3ef743e4ed65f6304951f258b089cbe169ef97577a17a9adb02756c29df6db3e52cbc9533b6d76809c0942fe1571622a689af","ssdeep":"","tlshash":"c031208d27f12671815814ddfa3770c1b07e1166b14e9980c03d4e773a9a9cbc67168f","first_seen":"2025-12-10T15:29:33.354671Z","last_seen":"2025-12-11T08:35:00.399574Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/z04af5b-Cwy0K-XV.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/z04af5b-Cwy0K-XV.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-139f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5023,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5023), with no line terminators","md5":"50608ca3d029cd7a9223c367bff59e0f","sha1":"26a96226e6a8c2aaa659cda725ce9dfe4c001826","sha256":"3ad6f8c26a24620b89f27a0552bb9c97d135578e4c6c90d16bf5761c6ef0adf9","sha512":"a95f2935d0613ca0d061dd4a055c8541bc40e163b3f3209982aede5681fdeac30e711dbadf4b0e3a19b2c2ddf21cfc46eae87a1f99fb645695b1d00d20aaf1bf","ssdeep":"96:5fHU9QatBB+Po0PR0idkngWwKWYhGD/yH/zil/SXhknzMRsOPkb5jszQ9a98Tq/c:5vU9HBkoqRkgWwKWY8mWl6XhizMRvPkT","tlshash":"52a174c094dad8fd0def9eda6554d16233144f177c8bad28b0a58c2527f9c0361ab74b","first_seen":"2025-12-10T15:29:33.413016Z","last_seen":"2025-12-11T08:35:00.333729Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/da2690-Cc0nT18N.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/da2690-Cc0nT18N.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-b87\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2951,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2950)","md5":"9976c5a81813f52b242afb79a37ca2c5","sha1":"cee47c32179ec422070861df11b0b0bdde90fa37","sha256":"dae01120d125abc96a8c83ca064513df21cf79a9489749eb2b69159b7d1ad0bc","sha512":"45c2eebb8f98820bfd1f1145f3f7c4a0d656e947077e5642b6c8369ef8535fc57118d11d5675c6c20c61df8685e8cd6f27bbb962e104e4d14cac339bebe64f51","ssdeep":"","tlshash":"fd51018fc03610594f94cff9b8792a173ed7c22a39868d4823c0a43c41e4bc622bf7a5","first_seen":"2025-12-10T15:29:33.358135Z","last_seen":"2025-12-11T08:35:00.387666Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/o2bb35d5a-DQxql5zl.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/o2bb35d5a-DQxql5zl.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-abd\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2749,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2748)","md5":"44174df14357cb4f12272cb218aac8bd","sha1":"d31c2658fbdcb0aeaf25d311f3aabc27c0f0a015","sha256":"91aec828cb023db8f6dd5ab954cd624d4cf9890a36fce0d680a8358ad51b3a6e","sha512":"876c990a6b0ac0485b2996d293be51ff3470e1629319d4a4debc6718d48a06354b7caafee21b9b1b9f278865fa0e9be37b0e122b8325cc8f63de3afac690c27d","ssdeep":"","tlshash":"cb51b6af44a8a875054cb1aed63692622f1828137c0ec4a1e87c4d2e67d6086e13df2b","first_seen":"2025-12-10T15:29:33.34292Z","last_seen":"2025-12-11T08:35:00.388254Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/n4ca70697-C_hy2v0s.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/n4ca70697-C_hy2v0s.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-2b4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":692,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (691)","md5":"81866890a41812944b4e5b96ecc1fd40","sha1":"bcef465afd54919f160f345aba5c4bb57173e5c2","sha256":"e9a46b80da83dc0959dd88923a5e30816c2bb3c7d315aee4c4b9f1ea9b2c7791","sha512":"a6ed56cb35b7bd5e9d991f9582fe670bb42bf14f61392d906a3c7c5bd0196d577fdd00129f34f21d38888192a8e57004efef2af249372a6b32c4a4f3f405fd32","ssdeep":"","tlshash":"e901838e4af512ac480950ffc96262a13021013713cdcb93e0bc0a794315ed65b15fa3","first_seen":"2025-12-10T15:29:33.389566Z","last_seen":"2025-12-11T08:35:00.388863Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1055\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1055,"data":"[{\"app\":\"landings\",\"event\":\"start\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000340 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 10c6400b5aae37f4eb38ea314230e9ba\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":2,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/o322e47-DfFGiLfD.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/o322e47-DfFGiLfD.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-11e56\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73302,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"851812e989625967d9a63a9e801bf360","sha1":"9697bc381459d831004801158bf41ba2055648e7","sha256":"7b1cd8f06c27ff01f7a5b2500ad23109b9d3a4c89220291391d84b7dec3d426d","sha512":"660032d62bbf76685c3af2fad8d85f0734f1871409b438c688a3fcc5346abb663e8d47ed8e6b286b3c122f78983c009d3feb5ac9f7d703a8c61def774eb48906","ssdeep":"1536:kr2RivKGOUC9dpjXOnlVS+NLcgzAyOx+XuPqTeJcvmzhnQ8:kiRMnlM+NLcgzAye+XuPqKJcYQ8","tlshash":"cc63f88a3391a1145ba9409514ba0403e399fe9e705994e4f6ef54cefb8ccc5f27bb38","first_seen":"2025-12-10T15:29:33.333838Z","last_seen":"2025-12-11T08:35:00.349708Z","times_seen":8,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/k526dc5cf-CoQHG7X7.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/k526dc5cf-CoQHG7X7.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-adb\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2779,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2779), with no line terminators","md5":"80e0c58c14c0a807b6befb0e912971a6","sha1":"87266af98213519f550e56981186e06f40d59880","sha256":"25ac03b140b0daf430d5e817ae4ef8bc086e2ed30e1088117fecd19ed1cd8ff3","sha512":"d611048db9e917c32093c2ee39558cf743e4185d2373ae0d4da7deaea26e982e88793eef3f49fe872cc331f18e99ab7878357d188ce74aab3cae0d3cbf075a44","ssdeep":"","tlshash":"51514487f23094b84146a48dcb22613db27147da2ae4c9b4e0b81c10279dd8b6f7e76b","first_seen":"2025-12-10T15:29:33.409072Z","last_seen":"2025-12-11T08:35:00.3538Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fmscc.com/sync-do","fqdn":"fmscc.com","domain":"fmscc.com","tld":"com"},"ip":{"addr":"172.64.150.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fmscc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 14:43:32 GMT","end":"Fri, 13 Feb 2026 15:43:23 GMT"},"fingerprint":{"sha1":"17:EE:8D:B0:F0:B7:85:35:B3:2D:BD:DF:4C:F2:53:75:F4:51:D9:A8","sha256":"BE:13:9C:0C:8C:E2:C9:67:5E:D2:D4:0F:E0:12:7F:E3:0D:B5:DB:0A:3A:3C:3A:3B:7F:FD:31:CF:FC:6E:34:12"}}},"request":{"raw":"OPTIONS /sync-do HTTP/1.1\r\nHost: fmscc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-length: 0\r\ncf-ray: 9abf7e4f6f61c759-OSL\r\naccess-control-allow-origin: https://cdn.ak2yy.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=rx1q6IoZoHAWDuWGKSzGXlFzmGL0uiuLRgu03jl_j8Q-1765398556-1.0.1.1-eoD1_SRnaeq_Mle1vJNHwJhUrX00u0AX8ZxXjkZu17dNKn_Ur0ssP4b2nrl0fNSXervQAXYldgLY5zvxkJL9eUIA.Gj0v.R2.AZIgRZnriI; path=/; expires=Wed, 10-Dec-25 20:59:16 GMT; domain=.fmscc.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T03:23:17.578713Z","times_seen":13919996,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":40,"dns":7,"connect":3,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/q86f1d9-jzZkWsVt.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/q86f1d9-jzZkWsVt.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-1c2\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":450,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (450), with no line terminators","md5":"02a814159507b555cd92bf89b40c3d5e","sha1":"2c72fd64ec5610dc1f213161306deabd7863d643","sha256":"c3c63b99e35f01a8ed512dd526cb6e9e8c9e291a205b4e16bd58e7c30208ceaf","sha512":"24de3c744efc116757cddede23e2cc81941063308aaf4f2614b3f5d811b9d2a499220bda4c5cc2fcdb4656b59df4803c79e9796cb6d7f781d5c637911e9c6ccf","ssdeep":"","tlshash":"26f0ab4c5ff81e49403e22acc06b44443698417b87ed4fa1e2f8873f936aacbe811387","first_seen":"2025-12-10T15:29:33.363806Z","last_seen":"2025-12-10T20:29:41.509857Z","times_seen":3,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1623\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1623,"data":"[{\"app\":\"landings\",\"event\":\"error\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230},{\"timeStamp\":1765398556099,\"event\":\"error\",\"timeOrigin\":86},{\"timeStamp\":1765398556101,\"event\":\"error\",\"timeOrigin\":2},{\"timeStamp\":1765398556102,\"event\":\"error\",\"timeOrigin\":1},{\"timeStamp\":1765398556113,\"event\":\"error\",\"timeOrigin\":11},{\"timeStamp\":1765398556114,\"event\":\"error\",\"timeOrigin\":1}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: cb596e6294c15225dbe2c006d80ea664\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e196650e-Ce0NAr8b.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/e196650e-Ce0NAr8b.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1636\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: \"693969c3-664\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1636,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5a1adcee8a49f5914328c4e2d64e63f1","sha1":"345da1a9fd93368a561aa05f7f1441dc14667127","sha256":"3dfd33d676d8ef7f093a3baeac061ea7fab7b3ff8d254daa99dce64441c71571","sha512":"7568a1fffe2bbda318bc956796aeb4894748a878275094a3b1d4d722d1ed280db039e7c3f54b68bdae9a62feb890a3d763d8ca66450bac0d01a89b06764fc9d7","ssdeep":"","tlshash":"4231b53a17050f07d5b00bbe96501729af5b3e734ea9c2ab564144172f818d4ed28ae3","first_seen":"2025-01-12T23:36:31.203165Z","last_seen":"2026-04-19T00:11:13.814805Z","times_seen":510,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?userId=v7dzhlnm69v68qsjxf9kkwms7pyvd5e","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js?userId=v7dzhlnm69v68qsjxf9kkwms7pyvd5e HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cdn.ak2yy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://cdn.ak2yy.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; expires=Thu, 10 Dec 2026 20:29:15 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9abf7e4d3ab65fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0e0c9d265d86694f2f089458eb2e5a2d","sha1":"13d9dcfe8b5a892607b2e450d3afc4bba5e1a4e2","sha256":"e549c5bf486a9a2b971e56bf06cc1ce25b87289caac6e5091f1e663616ad7d8e","sha512":"5c02433216236a81c2e34ee9c1ba2df4ff02ec0add7941e38faf3db0a7603e66534c66e92f11375a762dde02b98a658fa02fcd93bb75676b721b8b45a259dd61","ssdeep":"","tlshash":"e6a002a0caf50fd425d145176da6d71a860400a5d4c8ab3951e4480656ce28c58da702","first_seen":"2025-12-10T20:29:41.511746Z","last_seen":"2025-12-10T20:29:41.511746Z","times_seen":1,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":26,"dns":2,"connect":3,"send":0,"wait":41,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1445\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1445,"data":"[{\"app\":\"landings\",\"event\":\"error\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230},{\"timeStamp\":1765398556099,\"event\":\"error\",\"timeOrigin\":86},{\"timeStamp\":1765398556101,\"event\":\"error\",\"timeOrigin\":2}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 5137e4bc89b66ff9d716c3522fe14e0b\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-10T20:29:15.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 410 Gone\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"410","status_text":"Gone","fingerprints":[{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121054,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"c84c619d4431e15d542d41b7df9ea9d2","sha1":"0458ec21665d72900a8929306318579a3252721a","sha256":"fcf17bafe05dd1ca85f01646b78e207e679c992e391d8de4e5b746855856d7e7","sha512":"f6199600700f67ea3f86d5f86fbe30de316b75848308e3188a3c0d05e1f046522793e51efee8f79956678e5514c6a20d0a165818670b42022b13e23ae4b5f702","ssdeep":"3072:P3jsHK9WzQvesHzQeaSIgIhBTs1qcFTi9IP+ssj2PPM:PjWzYH0eaSIgIhBTs1qui9IP+ssj2nM","tlshash":"afc3094b9ab30229391f77a4d092bb44a15bf74bf7a677c4987900216bc79dd3a33780","first_seen":"2025-12-10T20:29:41.495195Z","last_seen":"2025-12-10T20:29:41.495195Z","times_seen":1,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e35cf4a5-DR07BWyQ.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/e35cf4a5-DR07BWyQ.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-229\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":553,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (553), with no line terminators","md5":"bbcfbf2ea4630088e009a484309f0faf","sha1":"e259de9b1b9215194dd08c8adb4c95939d226ac3","sha256":"4d53c4a58d84d7379c25b990be6cf1d268ced33d818e393f47b1c14fc2bb7465","sha512":"9a6db92dc818e957ddbf221ee43e030b98c24491094a748ffc68c9613fe0817c8d42c79ce681e97cc71301e17a959f2882bafe509c0a3e86d48426d5dee4822b","ssdeep":"","tlshash":"4cf0c06659f00b29802a136fd61f1240317451ab8bdc8f13b1bd4bb48361eda9e58ec3","first_seen":"2025-12-10T15:29:33.371267Z","last_seen":"2025-12-11T08:35:00.352752Z","times_seen":8,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/v1be0dfb4-COQAjm3j.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/v1be0dfb4-COQAjm3j.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-549\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1353,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1353), with no line terminators","md5":"c0cab4301b6efeb7e60f5940906b8e25","sha1":"9d28604d6433c226afc79b1462fc68133ff9c067","sha256":"a58a41a24d6ed9a8063d8b0eb833a7080a1edd919e66b5add75460d0a07551f9","sha512":"19f49c1d58f046b22f7b8ccfccc0fe8a0afe9546fe715c164316808d70e14383c0cb34175e619c27877429fa50f275b8bebe0f42794a97485fc54977c2efbe26","ssdeep":"","tlshash":"352114c5b2b390b813a953ece0267642f514492557ccc2d0a1bb16762ed4fdb9c3062f","first_seen":"2025-12-10T15:29:33.39385Z","last_seen":"2025-12-11T08:35:00.354667Z","times_seen":8,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"104.21.36.146","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdntechone.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 12:09:26 GMT","end":"Tue, 03 Mar 2026 13:06:54 GMT"},"fingerprint":{"sha1":"20:CF:7E:0A:3E:60:76:64:CB:13:89:D1:7A:4D:C6:25:CD:DC:95:B7","sha256":"86:F2:8E:50:0F:AF:F9:1A:C3:2C:76:6A:A5:AB:D9:74:D8:CB:8A:FE:B7:B6:76:80:83:09:2F:8E:9A:2A:BC:74"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: cdntechone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 11 Jul 2024 10:23:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nlink: \u003chttps://datatechone.com/\u003e; rel=preconnect; crossorigin, \u003chttps://datatechonert.com/\u003e; rel=preconnect; crossorigin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3wim77xMnIpnXGj2kj0j46qBUGGdARV6saS6ZyGEbCZeA%2FWKadrMOYIWtUO7It3hpjnDLrsN0oG98zvYENnosJ07Fjww5LgOafBl2g%3D%3D\"}]}\r\nage: 4888\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"668fb2b6-406a\"\r\ncontent-encoding: br\r\ncf-ray: 9abf7e4d3ace56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16490,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15840)","md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-19T01:05:27.143438Z","times_seen":9149,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":27,"dns":5,"connect":1,"send":0,"wait":7,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/l1a2ecd4-C_MkHrVp.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/l1a2ecd4-C_MkHrVp.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-1c3\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":451,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (451), with no line terminators","md5":"e09f0e95ce50726bfe8ba68ebc5a4741","sha1":"29e5297ff211031d192f9d4fa2cc95c0be1a716f","sha256":"0b0c297b282b90b7f8a0875544aa0ee5cd2c04db3d302e82553bb570d150df1e","sha512":"0985a2ad21f982e0b1d6b6f347dd37303be31835fa5694806597ca8d93f2832301e40a315b05924846a0a2e6202ff26116e6adeec2638c934a5d37a0e061eafc","ssdeep":"","tlshash":"a6f05c4266f15d0e803513ddd35255013a69423393cd6f51a3bc4e3703a9bcd8a10283","first_seen":"2025-12-10T15:29:33.349233Z","last_seen":"2025-12-10T20:29:41.514402Z","times_seen":3,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1386\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1386,"data":"[{\"app\":\"landings\",\"event\":\"error\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230},{\"timeStamp\":1765398556099,\"event\":\"error\",\"timeOrigin\":86}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 360a0313edaa8fb84295b530955b021d\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/d8c2f9-BQwkxFPn.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/d8c2f9-BQwkxFPn.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-22b\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":555,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (554)","md5":"8fa47fa00a355c9e55d65bdad602a4b3","sha1":"d6d4a0a4b3629922f37e5c1ecf4ab82e889a4523","sha256":"74db0438ccabd2fe2d7e6d0347bea079ea61f9cfbc3678e743b411ae7ee619f8","sha512":"7930b15f963fb67cb50e40e48ba5f0743afa6c10e03f19f4ff2ec0096f0e03c406bc74d4e7d75a55920e8f66c64a1c56ac36e7dc1e78bb1bacf21faba12a2ad2","ssdeep":"","tlshash":"55f0818a55f016e1405b5adfe15a6053b692012662cdcf92b06c077477d6e4d7152f43","first_seen":"2025-12-10T15:29:33.352012Z","last_seen":"2025-12-11T08:35:00.334287Z","times_seen":4,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/x31a9db80-DDl2eHa4.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/x31a9db80-DDl2eHa4.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-f822\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63522,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (38454)","md5":"c93eec36a1125f8df1410e4aa9883718","sha1":"56053cf0237d7b7d89be535d96f78c6fc5527742","sha256":"00f64068956f8b7299ffaf26a09a8df7a374c1b18ec2c8cd76c46988a412fbf8","sha512":"c9619716f274e6fcc339e4ef0322a6b3db83d3a36f80ac280faed2a08c521e216b1259fa46d545c1665156dfec239698a41088fcc24fb738a5dffc13cdeab7bc","ssdeep":"768:T5FCDDOqykJ7QNp4N70H1KcvXCyLHWxA9k/eWj8kcj6tKwtZHNMSgz6lDNwnfZRY:zeqs7QX4qz4PNcj6ftZHNMSZH","tlshash":"8f534a687056203a03ef51e6e0bf6a4bf2356912e48dc644e316cef06fb469d4267f2d","first_seen":"2025-12-10T15:29:33.350694Z","last_seen":"2025-12-11T08:35:00.376564Z","times_seen":8,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/b68c74f-D5mFF9A9.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/b68c74f-D5mFF9A9.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-3bf\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":959,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (959), with no line terminators","md5":"1e2f2c7c162b3d6d24963d6cba1c5ed4","sha1":"37d337424156840342765e109643ff76ca71f80f","sha256":"7c1f819900895ea0d21e79503bbaff358a03d7be86eb42a609dc16fddffab67c","sha512":"14e1b0ae0e8f4d5f2701a4359ed225ff6a43ee524f4c0206c2b62ba008069d0cd1de3ad8fc600fee755bc7b55c2f0854bd03964373c1bc0d857a51e3a110828a","ssdeep":"","tlshash":"1e1110cd81f4e294c00845eec60b62343575016b23cdcf9aa0dc2779575e9cada20767","first_seen":"2025-12-10T15:29:33.398227Z","last_seen":"2025-12-10T20:29:41.516059Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/e33f543e8-DCfPeC9t.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/e33f543e8-DCfPeC9t.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-908\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2312,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2311)","md5":"c76bd54eedca77327e27a3a71dc20c4b","sha1":"d734aea3baaddba5ad44c7b2ece1577557c08ec4","sha256":"889a9333243bd2742c8c1e52dd75e901380e0466cc3b9de4d282b547b9607c8d","sha512":"d2d6281831912746a57ffa867ae68da8d21d1d5c05b7d3ab3c5c0ac11424037eac338fedc65f77826f64fc6ee1d483b7b8d0d51c43292f47f68b3e23de0b0d2e","ssdeep":"","tlshash":"4341939c40f149b8d1a457ddd33af2323598293b358e8e90f22f8a32173ed4295b0fa5","first_seen":"2025-12-10T15:29:33.405846Z","last_seen":"2025-12-11T08:35:00.360403Z","times_seen":8,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g64ac43531-C58wuwms.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/g64ac43531-C58wuwms.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-6ab\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1707,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1707), with no line terminators","md5":"62ab15bc680d00be23870a4a3218ed54","sha1":"9292020ea60913320245449a0424c305519f32f6","sha256":"aa54e280087b738ba9af9cd479b16641eb362dd3764bd4fc07ac685fe63badde","sha512":"a5ec3f406e998cb134fbdba730f261ef47042b020ec83b0a8b19902037a023000086cb513d6f9563e7daed4c2228cf2073634d67c9a8d97887229dceccb69c82","ssdeep":"","tlshash":"6431b6dcd820db6c813a299dd25a11177b05376b13bbcb01c5bd383b23992c8f617b22","first_seen":"2025-12-10T15:29:33.419633Z","last_seen":"2025-12-11T08:35:00.361025Z","times_seen":5,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/c89a6315-CfCmxfkG.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/c89a6315-CfCmxfkG.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-1c4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":452,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (452), with no line terminators","md5":"a98be0f9f31e7384992df36b66cd4cb0","sha1":"656a9dd370963504180ff5881fc9f3df7551e32d","sha256":"0cd3a9cb53734de49d947f1aefac68677d2c06a71c8830f5844805d7e6811014","sha512":"4af77556ca77734d638566df23657b5ee968f5308a396834ce27c64db0d76564332ae8d46fe5a06254cab3a8bea9b9295e05dd151d4f9f4fa51cf67c51a0628e","ssdeep":"","tlshash":"41f0a3499ff44959503a17dcea167540b1de003b56dc4f61e23c063b139bfced815287","first_seen":"2025-12-10T15:29:33.340369Z","last_seen":"2025-12-10T20:29:41.517635Z","times_seen":3,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/f098392a01-DPniaGYv.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/f098392a01-DPniaGYv.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c3-1c2\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":450,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (450), with no line terminators","md5":"41f3af3eb7629019305ba4053af53039","sha1":"9c94c2d1b3a1aa60d9977befcf219dd2e29bad8f","sha256":"40f15675296856083ce8addde0107456166f626599501f3622606c3d9516d711","sha512":"4f9326677f76b4e51bc19eefad55479079e95c5bd2d4aa53215d920854aaa191a3545dbad0203b2c5f3cd03c82367f46cdba72e9730085d7df6541d9f998643a","ssdeep":"","tlshash":"f8f05c492bf46a06842d12ecd5925902f6dc283366dd9f12d1b80b3a23689de5d15297","first_seen":"2025-12-10T15:29:33.329193Z","last_seen":"2025-12-10T20:29:41.518224Z","times_seen":3,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1124\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1124,"data":"[{\"app\":\"landings\",\"event\":\"adex_init\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: ccbcf5bbc0d65f70ed85837116bb3d6c\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/sync-metrics","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1504\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1504,"data":"[{\"app\":\"landings\",\"event\":\"error\",\"usid\":\"19b09f42acb1e1d804630be\",\"sub_id\":\"1022710982623110187\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"career-survey\",\"event_source\":1,\"ymid\":\"1022710982623110187\",\"request_var\":\"9158507\",\"landing_domain\":\"cdn.ak2yy.com\",\"landing_url\":\"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw\",\"source_zone_id\":10273005,\"config_id\":1880,\"build_version\":\"v0.0.621-verticals\",\"landing_load_date_time\":\"2025-12-10 20:29:15.000673 +00:00\",\"design_id\":1,\"vertical\":\"finance\",\"events_history\":[{\"timeStamp\":1765398555339,\"event\":\"start\",\"timeOrigin\":0},{\"timeStamp\":1765398555672,\"event\":\"adex_init\",\"timeOrigin\":333},{\"timeStamp\":1765398555679,\"event\":\"load\",\"timeOrigin\":7},{\"timeStamp\":1765398555783,\"event\":\"adex_script_load\",\"timeOrigin\":104},{\"timeStamp\":1765398556013,\"event\":\"cookies_sync_success\",\"timeOrigin\":230},{\"timeStamp\":1765398556099,\"event\":\"error\",\"timeOrigin\":86},{\"timeStamp\":1765398556101,\"event\":\"error\",\"timeOrigin\":2},{\"timeStamp\":1765398556102,\"event\":\"error\",\"timeOrigin\":1}],\"ab2r\":\"31200\"}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 29975471c16817282046d349da6973a2\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-19T02:33:57.339682Z","times_seen":121504,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/g555918cd5-WUggEIoU.webp","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:16.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/g555918cd5-WUggEIoU.webp HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=v7dzhlnm69v68qsjxf9kkwms7pyvd5e; syncedCookie=true; oaidts=1765398556\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:16 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5004\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:27 GMT\r\nvary: Accept-Encoding\r\netag: \"693969c3-138c\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Fri, 12 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5004,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"eb0e8d921b8b8ce75be4fbe630ebaa82","sha1":"d4817274b33ef5ac7cc350babbc77f1fa84c5fbd","sha256":"6f83342ed01d498e4c79260aa1f8818a10430300b8cf9862056c73b8532b268a","sha512":"eb5ad49f3375a60f54cf486066d634d1ef74138e2cf747a1664fd717fad7bd36f6b1a84a021b647096b35d8a9b1f368dfdc9f90293843dc31503b07c8f617dee","ssdeep":"96:D0zkkY1s0tgj90I6RiNudHj7nxiBOEZz8Vht4kkt:ozQ1i6iN2DbfEZ8tk","tlshash":"b2a18e3dea92feadc03743b89344af75f5841b6647d4a3ba12cd540dc6c8e44f6481e5","first_seen":"2025-01-12T23:36:31.206085Z","last_seen":"2026-04-19T00:11:13.802319Z","times_seen":510,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ak2yy.com/_astro/bc856766d-81a12O7x.js","fqdn":"cdn.ak2yy.com","domain":"ak2yy.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.ak2yy.com/clicker/1866/en.html?abtest=31200\u0026b=14914543\u0026campaignid=6111069\u0026expires=1765397429\u0026ip=98.16.12.100\u0026md5=WTBvmlUHF3r1i5VLd5ydEw\u0026md5Ip=ynLBeBRExqF50d_VcfCFoA\u0026s=1022710982623110187\u0026sg=cIFfT4BvGzmvrjTq5jXOhw\u0026sgi=oQlfSV_onI8W_b431OCW9Q\u0026sgp=PmcD95tC48ggdjqC0xQYGA\u0026sgr=-x--noroX2Sc7NvHyp25gw\u0026sgt=1765396829\u0026sgu=6V-f6D4MfpLmAREBmYZOzQ\u0026ssk=c089e4d3540fb86656b90188c6b135d5\u0026svar=1765396829\u0026var=9158507\u0026ymid=1022710982623110187\u0026z=10273005\u0026zdekr=9dfvjv4ScdrgLRfJ_IKKUQ\u0026zdekrIp=gZd-NKdVeRerwEfqsvjbtw","date":"2025-12-10T20:29:15.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.ak2yy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 04:33:19 GMT","end":"Fri, 20 Feb 2026 04:33:18 GMT"},"fingerprint":{"sha1":"DD:66:10:B5:68:B0:B3:C6:D0:76:9A:7E:A0:C0:26:29:43:33:F5:D6","sha256":"84:25:01:89:78:57:AD:C0:7A:72:A0:22:1E:9C:92:8F:B4:18:2D:5E:54:97:D2:22:FD:DA:1B:FB:70:17:44:8D"}}},"request":{"raw":"GET /_astro/bc856766d-81a12O7x.js HTTP/1.1\r\nHost: cdn.ak2yy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Dec 2025 20:29:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 10 Dec 2025 12:38:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693969c2-163d\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Fri, 12 Dec 2025 20:29:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5693,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5464)","md5":"8d7d8dc366b365a522b9c93e7f506304","sha1":"9d5da054d17dbf3dcc8f72a92659ffe85a29a0a1","sha256":"089bb850e53fc72046e4a02768d34cdf23e7110d5aae0a507f67939b6a228d4b","sha512":"e8caa327f023570616990ac761e6772f3e63980bb2920fdb700c8c4e4ac6aa2709dbfd4e190fb7a5d3adfa79fee9dd033671d876d5e771a6a27876777d31e4bd","ssdeep":"96:jxqH5MwAo3Yg/QRqo3utWpBWxcHA80UfB2/D3fpytNnU4ohQxeR:YZMwWCQUSOWGMAAJ44nD/o","tlshash":"87c1869ce1391669b02b9d9c923a121b67353723e94ddaf0e47e2e2023c978057c62f3","first_seen":"2025-12-10T15:29:33.410056Z","last_seen":"2025-12-10T20:29:41.519551Z","times_seen":3,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"cdn.ak2yy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}